Top
Get The Book

Buy the Paperback:

 

Amazon.com
Barnes & Noble
Lulu.com

Search

Subscribe
Connect with Keith
Twitterfeed

What's Happening?

Entries in Wireless (2)

Tuesday
Dec152009

More Secure Surfing

DateTuesday, December 15, 2009 at 10:18AM

Often when I visit a wireless cafe and try to get some work done, there are other users sharing the same wi-fi access point.  Because these access points are unsecured, this provides for the possibility that someone else could be monitoring my traffic.  As a precaution, I use port forwarding to create a secure SSH tunnel for all my surfing traffic.  There are several methods for accomplishing this, but this brief walkthrough will show you the easiest.

What You'll Need:

  • A Mac (the software in this example is Mac specific).  You can accomplish the same type of port-forwarding using Windows, but I don't know of an easy front-end similar to SSHTunnel.  I'm sure there is one, but I haven't had a need to discover it.
  • SSHTunnel from Antoine Mercadal
  • A server that allows SSH (check with your hosting provider)
  • A valid username and password for the server mentioned above

Download SSHTunnel from the link above.  Open the DMG file and copy the application to your favorite spot.

Launch SSHTunnel.

First you'll need to click the "Servers" button.

Initially, there are no servers in the list, so we'll need to create one.  Click the [+] button in the lower-left of the window.

We now have a blank server entry to populate with our own server information.

Double-click the entry for "No Name" and give your server a name.

Example Information OnlyNow, fill in the rest of the fields with the information for your server:

  • Server - Use the IP address for your server
  • Port - Use 22 for standard SSH
  • User - Valid username on your server with SSH permissions
  • Password - Password for your server account

You'll be prompted to "Apply to All Sessions".  Click [Yes]

Now, return to the "Sessions" page.  For this example, click "Airport Proxy" as we're in an Internet cafe and need to build our SSH tunnel using our wireless connection.

In the "Use this server" drop-down, select the server you created in the previous steps.  A default port of 7777 is chosen.  That's OK, se we'll leave it.

Click the toggle-switch in the bottom-right to ON to create the SSH tunnel.  You'll get a confirmation message if successful.

Now we need to make sure our Internet traffic uses the SSH tunnel.  In order to do this, we'll setup a proxy in our browser.  For this example I'm using Firefox, but other browsers should be similar in configuration.

From the toolbar, select Firefox > Preferences.  In the Preferences box, click "Advanced" and then "Network"

Click "Settings..."

Select "Manual proxy configuration".  In the field for SOCKS Host enter 127.0.0.1 and 7777 for Port.  This sends our traffic through the SSH tunnel.  Click [OK] a couple of times to close the Preferences dialogs.

If you want to confirm that you're using the tunnel, surf to a site that will report your IP address.  In this case, we'll go to www.ipchicken.com.  Notice that the IP address reported is the IP address for your server hosting the SSH tunnel, not for the Internet cafe.

That's all there is to it.  Once you're done, return to SSHTunnel and click the toggle switch to OFF for your session.  Then, from Firefox Preferences>Advanced>Network>Settings... restore your previous proxy settings (None).

This walk-through is based on the excellent information from http://www.revision3.com/hak5 and their follow-up segment on Mac Tunneling the Free and Easy Way.

AuthorR Keith Smith | CommentPost a Comment | Reference2 References |
tagged , , , in ,
Sunday
Oct252009

Wireless printer? What wireless printer?

DateSunday, October 25, 2009 at 8:01PM

 

The Problem

We have a network laser printer that we use at home for all sorts of activities, business and otherwise.  It's a Brother HL-5250DN.  Brother HL-5250DNIt was a good value at the time for a duplexing, networkable, laser printer; around $100.  The problem has been that with it connected in the home office, every time it prepares to print it causes a brownout in the room tripping the UPS that the wireless router and the Ubuntu server are plugged into.  It's an older house and even though the printer is plugged into a separate outlet from everything else, the power spike of heating the fuser causes problems for everything else on the circuit (the entire room).

The First Solution... Attempt

I happen to have an extra Linksys WET54G wireless bridge laying around. 

Linksys WET54G Wirless Bridge

For a long time, this was my wireless connection for the XBox360.  However, after needing some more connections (DVD Player & DVR), all the home entertainment devices got plugged into a decommissioned WRT54G flashed with DD-WRT.

Linksys WRT54G Wirless Router

  Anyway... back to the bridge.  I physically moved the printer into the guest bedroom and then reconfigured the WET54G.  My initial test printing attempts worked fine.  That was about all that worked fine.  Everything worked... until the printer went to power save.  It would not wake from powersave while connected to the bridge and had to be manually power cycled.  Not good.

The Final Solution... I Hope

I realized I needed a wired solution... or to go buy a wireless printer.  While, wireless network printers aren't really all that expensive nowadays, I don't see the need to give up on this perfectly serviceable printer that I already have.  So, I decided to drop a network connection from the office to the guest bedroom.  As they are on different sides of the hallway, I decided that going through the attic was the preferred solution; the basement ceiling below both rooms and the hallway is finished.

Step 1

There is already a low-voltage outlet in the office where the phone line comes in for the DSL.  I replaced the cover with a 2-hole keystone jack to accommodate a new RJ-45.

Step 2

Because I have a bad back, I had a friend's dad help me out by crawling through the attic and drilling two holes: one into the top of the wall above the outlet in the office and another one in the top of the wall in the guest bedroom.

Step 3

I knew the AC outlet in the guest bedroom was mounted to a stud.  And, knowing the studs are 16" on center, I decided to measure 24" from the AC outlet and then trace outline for my "old work" low-voltage box.  This matches up with where the hole was drilled into the top of the wall from the attic.

Step 4

Using a drywall knife, cut a hole in the drywall for the low-voltage box.

Dyrwall Knife

Step 5

We fed a fish tape down from the attic and pulled it out of the outlet hole in the office.  It helps here to remove the box from the wall.  I could get my hand inside the wall to grab hold of the fish tape with the box removed, but not while it was installed.

Steel Fish Tape

Step 6

Tape the Cat-5e cable to the end of the fish tape.

Step 7

Pull the fish tape (and Cat-5e cable) back up into the attic.  Make sure the cable is uncoiled so that it will feed easily into the wall and prevent it from binding.

Step 8

Run the cable to the top of the hole in the other wall.  Drop the cable down to the newly cutout hole in the drywall.  Now, pull the Cat-5e cable out.

Step 9

Now I could install the "old work" low-voltage box in the guest bedroom.  Leave about 12" - 14" inches of cable so that you have plenty "extra" in case you have to re-cut.  It's easier to push any excess cable back into the wall than to deal with a short cable.

Low Voltage "Old Work" Box

Step 10

Using wire-cutters, strip about 1" of sheath off the Cat-5e cable.

Wire Strippers

Be careful not to cut the twisted pair wires inside.  If you think you've nicked the wires, it's better to just go ahead and cut the end and start again.  I can't tell you how many times I've tried to find a connection problem and it was eventually solved by just cutting the end off the cable and re-stripping and re-connecting even though there was nothing obviously wrong with the cable.

Step 11

Using a punch tool, punch down the Cat-5e cable into a Cat-5e keystone jack. 

Punch Down Tool

Here I used the "B" scheme, but it doesn't really matter whether you choose A or B as long as you're consistent.

Step 12

Place the protective cover on the keystone jack.

Step 13

Fit the keystone jack into the wallplate and re-attach the wall-plate.

Step 14

Repeat for the other end of the cable.

So Far So Good

All my test prints have worked like a charm so far today.  I let the printer go into sleep mode several times and then sent test prints from 2 different computers on the network.  Each time it worked as expected.

 

AuthorR Keith Smith | Comment1 Comment |
tagged , , , in