Month: September 2004

Short Trip

I’ve just gotten back [well, last night] from a short trip to the Washington DC area – namely Bethesda, Maryland. I think it’s kind of a nice place – except for all the traffic. Lots of green and hills. Except: I really didn’t see much. I went to an office and sat in a room without windows for 6 hours or so. Next time I go, maybe I’ll be there long enough to do some touring and take some pictures. I’ve never been to the Smithsonian yet.

The cool thing about this trip was that since it was a one night trip, I didn’t have much in the way of luggage – so I rode the motorcycle to the airport. It was pretty cool to be able to do that. The only problem is that I had nowhere to stash my helmet – they’ve taken all the lockers offline.

One thing I did notice about the area though – there are a lot of political talk radio shows on the air. I even listened a while to CSPAN Radio… Well, it is the capitol.

Geekin’ Out In My Living Room

WARNING – GEEK CONTENT AHEAD:

Since Windows XP SP2 is out and my machine is working a bit better, WPA [Wireless Protected Access] now protects my WLAN. Previously, when I had just purchased my 802.11b/g WAP and NIC [to replace my dying D-Link equipment which didn’t support 128-bit WEP much less the newer WPA standard] I attempted to configure WPA as a “best practice” for good security and privacy on my home LAN. However, it wouldn’t work. It kept forcing reconnects and dropping the link. Not to mention it could only barely perceive what would normally be a very strong signal.

Now, with a hardware flash and SP2 installed on my laptop, WPA is streaming along quite nicely. No interruption of service here! And, now, I’ve completely implemented what all WiFi network owners should as a matter of course – best-practice security procedures. What I’ve discovered and been told is that there are five very basic things one can do to improve the security of one’s wireless LAN.

First: Change the SSID from the default setting. Many home users [and I’ve seen them] have the SSID set on their WLAN to the factory setting – because they don’t know better. So, I’ve seen WLANs called “default” and “netgear” among others. So, call it something different like “Bob’s Wireless Network Zone” if that will fit. Haven’t tried one that long.
Second: Disable broadcast of SSID. This will keep others from being able to connect to you WLAN just by scanning the area [which Windows XP does by default] and clicking “connect”. They’ll have to guess it and type it in manually – a much more time consuming process. They’ll eventually get bored and try your neighbor’s WLAN which is still called “default”.
Third: Enforce Access Control. Allow connections only from known MAC addresses. For those of you who don’t know, a Media Access Controller [MAC] address is a unique hexadecimal number given to the WLAN adapter. If you restrict access only to your MAC address, you disable connections of anyone who doesn’t happen to know your MAC address… Of course, if your resourceful enough, you can still “spoof” that.
Fourth: Implement the highest form of encryption you can. Before I got WPA working, I had to settle for 128-bit WEP which, while good, is not THAT good and fairly easy to crack. So – while people wouldn’t necessarily be able to connect to my WLAN, they could still grab my network traffic, decrypt it, and find out what I was doing. WPA, on the other hand requires each packet to be decrypted separately since the key changes each time so that the effort of decryption is so great that all but the best of the best are deterred.
Fifth: Place the WAP in a location where the signal does not spread too far outside of your house or business. I’ve placed mine on the fourth floor so that you can barely get a signal from the ground – you’d have to be standing in my driveway to even get a signal.

Okay – now I’m “as secure as WiFi can be”. Which is to say, I’ve done all I can and if someone truly wants to break in and has the knowledge and expertise, I can’t stop them. But then again, they could do that through my hard line link. But, of course, who would want to?

So, now what am I doing? I’m working from my living room instead of my office. I needed more flat table space to fill out some forms for my project than I had in the office, so I’m sitting at the table all encrypted and stuff – no wires but the power cable. It’s nicer up here…

System Update

Most of you won’t really care, but I have finally gotten the Linux 2.6.8 kernel to run on my web server. It really wasn’t all that hard – just had to find the right RPM package. I also updated my Gallery software to the latest revision which patches a few security holes [not that I noticed they were there…].

I guess this is what sitting at home in front of my systems does for me – I keep seeing things that need to be done even though I’m supposed to be working!

Well, enough of that. Back to work now.

Beach Party!

Laura’s mother’s family is having a beach gathering this weekend, so we’re getting ready to drive out for the weekend. We’ve rented a large beach house and are going to stay the entire weekend. At first, I was a little nervous about it, but I think it will actually be fun. And, the weather is going to be great. Plus, I’m bringing the motorcycle to ride up and down Seawall Boulevard in Galveston.

Now – for those of you who have never been to Galveston, TX – It’s not much of a beach, but it’s all we have nearby. The San Jacinto river dumps tons of river silt in the water a few miles before the island begins, so the water is brown. It looks like you’re swimming in mud and visibility is about 6 inches. [No SCUBA here!] When you fly over the island, it looks like a brown streak is rubbed across the coast line. New Orleans is worse, what with the Mississippi river dumping its gut in the Gulf, so I’m glad I don’t live there. All I can say about Galveston is that I’m glad there has been no oil spill in the last decade or so – there was tar all over the beach the last time that happened.