Blog Archives

ISP change

The time has come for me to try Verizon FIOS. The pre-installers were at my house today to bury the fiber optic cable for FIOS internet. Their base package is only slightly slower than what I get with Road Runner, but Road Runner is $10 a month more expensive and has slower upload speeds. So they will be installing the system at my house tomorrow between 8am and 11am. I get a free wireless router and it does support port forwarding and all the advanced features I need to keep my home network up and running. If I do decide to keep FIOS and ditch Road Runner, I will have some DNS zone changes to make but it should be a fairly easy switch. Eventually I’ll upgrade to their middle package with 15MB down and 2MB up. I’ll start off with 5MB down and 2MB up, which is enough to get me started, but eventually I’ll need more bandwidth!

Details

Our old house sold rather quickly, it was listed, sold and closed within 30 days. Our buyer was a little wacky and we had to jump through all kinds of hoops to make him happy. The closing date snuck up on us big time and we had only a few days to make moving arrangements. Liz and I packed up as much as we could and we had some friends that were nice enough to come over and help us. We had some help loading large items onto a moving truck which we were fortunately able to get for free from our real estate agent’s company. It was a 15′ truck and took 2 full loads to get all of our things to the garage of the new house. Liz and I loaded the first truck load along with some help from friends with the large items on Saturday morning. We then took the load to the new garage and unloaded it with just Liz and myself. It took us about 1 hour or so to unload the first trip. Then we took the truck back to our house and started to load more. It was getting late and Liz’s dad had come down to help from Ocala, so we took a dinner break and ended up with Liz’s dad and myself stopping by Dairy Queen on the way back. We got all the rest of the stuff from our old house loaded onto the truck in a few hours. Leaving only some trash to put out for collection and some small items like mirrors and things we could get with the van. It was almost 10pm by this time so we decided to leave it at that for the night and I drove the full truck back to a baseball field parking lot next to some friend’s house whom we were staying with. The next afternoon, Liz went somewhere with the kids and I took the truck to the new house and unloaded it by myself. It only took me a little over an hour and a half to get the extremely packed truck unloaded. What can I say, I’m nothing if not efficient. Ha ha. That evening I took the truck back to the real estate agent’s office and got my precious Miata back. I enjoyed a nice pleasant ride back to where we were staying.

First our home sale was supposed to happen on a Friday and the closing on our new house on a Monday. However, there was some kind of delay last minute and we could not close on either until Wednesday. So Wednesday finally came, I took some vacation days off work for Wednesday, Thursday and Friday but also had Monday off for Columbus day. So I had 6 days to move and get settled in. We met at the title company at 3pm on Wednesday to close on both houses. The buyer of our house could not be there so he came earlier and signed paperwork. Which we were very happy about so we didn’t have to deal with him in person since he gave us such a time dealing through his real estate agent. Not to mention his agent had a horrible accent and was very hard to understand. They got to us in a short amount of time and we signed all the sale papers for our old house. We finished only after about 15 minutes or so, and then decided to move on and finish the signing of the papers on our new house. This way, when the seller got there all he had to do was sign a few papers and we’d be all set.

Bad thing was that the amount we got back at closing was not as much as we had thought due to higher taxes and expenses in closing. So we got back just short of the amount we wanted. We had planned to pay off two big debts but didn’t receive enough to pay off just one of them. We will be getting an escrow refund from our first mortgage which will help and we don’t have a mortgage payment until Dec 1st, so I’m hoping the extra bill I hadn’t counted on will not be too high of a payment. We should be able to pay a little on the second debt which will hopefully make it more manageable. We still have some things we need to buy though, like a dishwasher, since it died just after we got the keys. I’d like to get a new refrigerator, but that will have to wait. We did get a new TV (woo hoo), couch set, and some other things, but the budget is going to be interesting now. We are going to have to take Sarah out of private school and send her to a very highly rated public school nearby. We just can’t afford her tuition anymore with the higher living expenses. This has been hard for Liz and I’m not happy about it either, but unless I get a major career boost (and I already do well) or Liz gets a good job, we just can’t afford to send our kids to private school. It’s bad enough just paying tuition for one, I can’t imagine how we could send all our kids to private school. Sarah will likely start public school in early November.

Activating utilities at the new house was a little strange, we are just outside the city limits of Temple Terrace, but still are on their water/sewer system. Tampa Electric still services us which is good, but water and trash pickup were tricky. The county told me they didn’t service my address, the city said they didn’t service the address, Temple Terrace told us they did. So it was a bit confusing getting it all set up. But on the day we moved in we had power, water/sewer and trash pickup is covered in our property taxes. I missed trash pickup this morning, I guess they come way earlier than I am used to, so I’ll have to remember to put it out the night before the pickup day. I ordered Verizon FIOS for internet access to try it out and see how it works for me. It’s cheaper than Road Runner and has faster upload speeds which is more important to me than a few MB faster download speeds. I am downloading any TV shows I want to watch now so we didn’t get cable again and I don’t want to pay for Satellite, which stinks in Florida anyway with all the rain in the summer. I connected my PC via DVI to the new TV – a Hitachi 57″ HDTV. I watched some things on it in HD and it’s amazing. I just need to get a good surround sound system and I’ll be set. But that’s one more thing I can’t afford right now. I might be able to get a PCI video card with a DVI port on it, and just use my e-mail server as my multimedia machine. I’d also need to get a wireless keyboard and mouse, but that’s not too expensive. I have yet to decide what I want to do about that.

We love our new house, it’s not brand new and it has some maintenance things that will need to be done, but it’s been cared for and is in good shape overall. It’s in a very quiet neighborhood, peaceful and pleasant. Liz has already been rollerblading a few times and I took the kids in the back yard last night to assemble their swing set and it was so quiet and there was a nice cool breeze blowing with no one else around. I have some installation inadequacies so it took a little longer than I had wanted to get the swing set assembled 🙂 We still have lots of stuff in the new garage so only my Miata can fit in there at night right now. I would like to have both vehicles in the garage by next weekend. It’s not that much left to move, but it’s a matter of time and energy to go through it all. We made good progress in the few days we have been there, the kitchen and living room look great, but the other rooms are a little bare right now.

So I’m back at work today after a long break and am right back into the mix of things again. I think I am becoming a supporter of capital punishment for spammers. :-)

Last minute change of plans

I took vacation days for Thursday, Friday – Monday and Tuesday to close on our houses and get moved in to the new house. So on Thursday morning I was off of work, Liz and I went to New Tampa and picked up the moving truck. We had purchased several items online and needed to go pick them up, so we headed out to Brandon to pick up our new couch set. We got there and the people were really nice and we had no trouble loading the new set. We left there and tried to find a place to stop and get a money order, because I was a few hundred short of the cash I needed to pay for the next item. We found an Amscot where we were going to try to buy a money order, but we only had a check and credit cards with us. They would not let us buy a money order since they deal strictly with cash. So we went to Lakeland anyway to pick up my new TV!!! I bought a 57″ Hitachi Big Screen. I got a great deal on it, it came with a matching entertainment center too. So there were two guys there at the house we picked it up from who helped us load it onto the truck. It took a while and lots of effort, but we managed to get the TV and entertainment center out of the house and onto the truck. I skinned up a knuckle hauling that monster, since we had to pick it up to get over dips and when moving at angles. We secured the TV to the side of the truck and went on our merry way. We only made it a short distance when we heard a loud bang from the back of the truck. We pulled over to find the bungee cords we used had come undone. We re-secured the TV this time with rope and more blankets to protect it from any further impacts. Eventually it settled down and we made it back to Tampa in one piece. But something else happened on our way back to Tampa…

As we were leaving and about to get back on I4 to go home, we were sitting at a traffic light on Florida about to turn onto Memorial to get back to I4. Suddenly lots of police kept zooming by us, probably 10-15 cars, we had no idea what was going on. We saw tons of cops, an ambulance, lots of unmarked cars, and just a lot of police activity. We finally made it onto Memorial and were going down the road when we saw lots of people standing on the sides of the road and more police activity. We made it by the police as they just were coming out to stop traffic. We went a little further and saw motorcycle cops driving up and down the road looking for something. We went on our way and didn’t think much more of it. When we got back to Tampa, we heard what happened. Some guy (they think a drug dealer) shot two police officers and a dog. The dog and one of the police officers died and the other officer is in critical condition. Last night there was a $15,000 reward for the capture of this guy. This morning, it was up to $40,000. I just now (at the time of writing this post) heard that they found the guy (think he was hiding in the woods) and they shot and killed him. So we were right there in Lakeland when all this happened just moments after it took place.

So we made it back to Tampa and decided to stop by the new house and drop off our loot into the garage. We were told to call the seller’s agent for the code to the keypad of the garage door so we could get inside and unload our things. We tried calling and got her voicemail. We called over and over and were about to give up and leave after being there for about 30 minutes. Liz’s mom had just arrived to pick us up so we could leave the truck there until we heard from the seller’s agent, just then the phone rang and it was her with the garage code. So we opened the door and unloaded the TV and entertainment center with the couch we got. Then we took the truck back to our house and were going to start loading more onto the truck. Liz had to leave at 2:30 to pick up Sarah from school, so she ate something quickly and left. Liz’s mom also left around that time. That left me home alone to load the truck. I was going to get as much loaded as I could and take a load to the garage so that when help came later, all we had left to move would be last minute things and the larger items I need help with. Well, once Liz left I got ready to go outside and haul stuff into the truck. I took my keys out of my pockets, and put my cell phone on the desk. I didn’t want to have a lot of stuff on me while moving. So I went outside and closed the door behind me. I didn’t realize until a few minutes later that I had just locked myself out of the house with no keys, no phone and no way back inside until Liz got back. Now Liz had to go take Sarah straight to Amanda’s house so she could watch the kids while we moved stuff. She also had to feed Michael before she came back. So Liz didn’t come rescue me from my own stupidity until around 4:20pm. We originally thought that Thursday would be our only moving day since we had to be out of there for closing the next morning.
So I was in a rush to get stuff loaded and moved, and was rather distraught that I had lost almost 2 hours of my moving time by locking myself out of the house. So Liz got home, and started to pack up more last minute things and I started loading more stuff onto the truck. I had put some things that were on the back porch in the truck already. Around 4:30 we got a call from our realtor, who said there was a delay on the buyer’s side and they were looking at a Wednesday closing now. So we had to unload what I had loaded onto the truck already, and help Liz finish getting what she needed. I then took the truck back to New Tampa and dropped it off. Liz took some things to Amanda’s house and they got pizza for dinner. I got back from New Tampa to Amanda’s house around 8pm. I ate and helped get the kids to bed and left around 9:30. I spent the night alone at our old house since we still had most of our things in there. I didn’t want to leave it all there alone.

I got up this morning and came to work a little early so I could eat breakfast in the break room, since they provide pastries and bagels and such every Friday morning. Liz originally left me some milk so I could have some cereal for breakfast, but forgot to leave me some cereal. So I was stuck at the house with no food. I had a bagel and cream cheese for breakfast along with a yummy cheese danish.

I then got a call this morning from our realtor again with a few updates. Apparently I was not told of two more repairs to our house the buyers wanted done. Now I have to patch one more crack in the garage floor (which is normal in FL for a new house) and replace the air filter in the return on our hallway. The buyer is going to do his walkthrough on Monday while the appraiser is there.

So now we have reserved the moving truck for Saturday and Sunday just in case. Hopefully on Saturday we can get all of our stuff moved out of the house into the garage of the new house. I am meeting my realtor to get the truck at 9am tomorrow morning. This should be a fun weekend! And it’s killing me, I have that nice 57″ TV sitting in the new garage and no way to play with it until Wednesday! 😦 Maybe I will take my DVD player and some cables with me tonight and hook it up just to see it play. I’m so impatient.

packing progress

I have several important things to setup before our move, such as informing utilities of our move and turning off the cable/internet. We also have to disconnect the computers/servers in my office area, so I’ll have to re-route e-mail for the weekend. Going back to POP3 is going to be interesting.

Fortunately we got a lot of packing done this past weekend. We only have some closets, the patio, some garage stuff and last minute items left to pack. I think it will be fairly easy if we do all the prep work on the larger items Wednesday night, so that on Thursday it will just be loading and last minute item packing.

Network and email issues

Next, I realized that my internet speed was very slow at home. I have a cable modem high speed internet account with Road Runner and also got the 10MB speed plan, so I should get close to 10MB down and 1MB up. After performing a speed test I found I was only getting from 200KB-600KB, which is obviously really bad. I submitted an online support ticket, but never did hear back. So I decided to do my own testing. I started to shut off my home computers/servers one at a time to make sure it wasn’t something on my home network causing the issue. I shut down my backup server, ran another test, nope, that wasn’t it. I shut down my Exchange server, nope, that wasn’t it. I shut down my AD controller (sisko) and sure enough my speeds returned to normal. Sisko must have had some kind of issue that was causing severe network problems and slowing down my internet access speeds. I’m not sure if it was sending out data or receiving data, but it was flooding my network. I rebooted the server, disabled unneeded services, ran Windows Update, and checked for spyware/adware and found no problems. I assume it’s a symptom of a software issue in Windows that went haywire, or possibly the initial signs of a bad NIC or one that’s on its way out. At least I know where to start looking now if it ever happens again.

So now both of my issues are resolved. I did make a few changes though, I implemented a secondary DNS service with rollernet for shorehost.com. I also got a new no-ip mail reflector account that does the same thing as rollernet, but it costs $$. I added this service to shorehost.com and churchgang.us. This should prevent any further loss of mail or service interruption in the future. I now have 4 backup MX records in my DNS zones for both domains, and this should provide way more redundancy than I really need.
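The diagnosis above was done by shutting servers down one at a time; the same question (which host is flooding, and in which direction) can be answered from interface byte counters without taking anything offline. This is an added example, not part of the original post: the counter values and the host labels `desktop` and `exchange` are constructed, and a counter that goes backwards is treated as a reboot and skipped.

```python
from collections import defaultdict

# Constructed samples: epoch_seconds host rx_bytes tx_bytes (cumulative NIC counters).
SAMPLES = """\
# t   host      rx_bytes   tx_bytes
0     desktop    1000000     500000
0     exchange   2000000    1500000
0     sisko      4000000    3000000
60    desktop    1600000     620000
60    exchange   2900000    2100000
60    sisko      4300000   63000000
120   desktop    2200000     740000
120   exchange    100000      50000
120   sisko      4600000  123000000
"""


def parse_samples(text):
    """Group counter samples by host, ordered by time."""
    series = defaultdict(list)
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        t, host, rx, tx = line.split()
        series[host].append((int(t), int(rx), int(tx)))
    for points in series.values():
        points.sort()
    return dict(series)


def average_rates(series):
    """Return {host: (rx_bytes_per_s, tx_bytes_per_s)} over the valid intervals."""
    rates = {}
    for host, points in series.items():
        rx_sum = tx_sum = secs = 0
        for (t0, rx0, tx0), (t1, rx1, tx1) in zip(points, points[1:]):
            if t1 <= t0 or rx1 < rx0 or tx1 < tx0:
                continue   # counter went backwards: host rebooted, skip interval
            rx_sum += rx1 - rx0
            tx_sum += tx1 - tx0
            secs += t1 - t0
        if secs:
            rates[host] = (rx_sum / secs, tx_sum / secs)
    return rates


def top_talker(rates):
    """Return (host, direction, bytes_per_s, share_of_all_traffic) or None."""
    total = sum(rx + tx for rx, tx in rates.values())
    if not total:
        return None
    candidates = [(host, direction, rate)
                  for host, (rx, tx) in rates.items()
                  for direction, rate in (("rx", rx), ("tx", tx))]
    host, direction, rate = max(candidates, key=lambda c: c[2])
    return host, direction, rate, rate / total


if __name__ == "__main__":
    rates = average_rates(parse_samples(SAMPLES))
    for host, (rx, tx) in sorted(rates.items()):
        print(f"{host:10s} rx={rx:>10.0f} B/s  tx={tx:>10.0f} B/s")
    print("top talker:", top_talker(rates))
```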

LAN Games

For the past few nights I’ve been playing Unreal Tournament online with some friends. It’s a lot of fun, even though I’m not very good and end up getting killed every 30 seconds (if I’m even that lucky). I set up a hosted game server on my PC (thinking about moving it to my backup server). I just wish I could enable multi player cheats on the server. I found some instructions for doing that, but they didn’t work. Oh well, it’s a lot of fun to play games against other people you know. It’s also cool that I can run the game server over my cable modem. Now I just need more time to play.

BrightHouse all the way

I finally bit the bullet so to speak. For a year now we have had DirecTV for TV and Road Runner for internet access. Yesterday, I called and ordered Brighthouse service for both TV and internet. I will be getting Digital Cable, HD and DVR for less than I was paying for both DirecTV and RR. The installer will be here on Friday and I will be home that day to play with my new toys. I know that the DVR won’t be as good as the Tivo I had with DirecTV, but now that I have my DVD recorder and can easily still plan my recordings for a week in advance, I have no problems switching. I will certainly miss Tivo, as it’s the best out there, but with cable I get more for my money at this point. Soon Verizon will be offering FIOS TV and internet in my area. When this comes out, I plan to order service with them as well, and try it for 30 days. Their services are cheaper yet, and also offer more for the money. If FIOS turns out to be as good as it sounds, I’ll likely make the switch to all Verizon FIOS. I surprise myself with this, since I can’t stand Verizon. I had cellular and home phone service with them for years, and had nothing but blunder after blunder with them. When I moved to Tampa, I got rid of Verizon and switched to Cingular, which has also turned out to have a few blunders of their own. As a side note, I turned down the higher speed increase to 10MB down on the internet now that I’ll be a digital combo customer. My goal here was to save money and get more value for what I was paying. Getting the increased speed would have cost me more than what I was paying before, so I declined that option. However over the next few months I’ll have to see how it goes, perhaps I can convince Liz to let me upgrade after all.

Home Network – Part 3

Microsoft Active Directory:
My home network is built on Microsoft’s Active Directory. I use Active Directory to organize my user accounts (all two of them), my computers and group policies. With group policies I can set common variables for all my workstations, servers, etc. This way I don’t have to hand configure everything, it’s all automatic. Group Policies are a great way to manage your network workstations or servers. There are other solutions here, some people like to run Linux at home, and I’ll admit, I do too from time to time. I love Linux, but there are still too many apps I use that require Windows. From time to time I demo some of the latest Linux distributions and try things out. I think it’s great, and if I had a 4th computer to run it on, I’d probably run a Linux server or desktop as well. Some people like Novell, some people like Mac, it’s up to you. This is just how I am doing things. I have group policies set to add customization to my desktop mainly. Things like a browser title, automatic update settings, common software distribution, etc.

Domains, e-mail and more:
I guess I can’t go much further without explaining how I also do my domain names and websites. I’ll write more about this topic later on as a how-to and what you should know for getting your own domain and website. But for now, I’ll keep it simple. I own several domain names which I use for various purposes. I have one domain that is for all my server equipment, like my hosting server that hosts my website and some other websites I host for people (for free unfortunately). These servers are in a data center and I simply “rent” the server from them on a month to month basis because it’s cheap and does what I want it to do. Plus they take care of maintenance and problems. Then I have a primary domain name I used to use for my hosting company’s website. The backend server domain ended with a .net and the primary domain is a .com. These extensions can be anything you like, but I stuck with a traditional format. Then I have a third domain for my personal website which is mainly for my family and my blog, etc. Here is where the bulk of my incoming and outgoing e-mail comes from, the other two domains are mainly for servers and a now closed hosting company. I do have some other domains, but don’t really use them yet. I’ll be expanding that later on as well.

E-mail:
So now you know I have a shared hosting server which hosts my websites and most functions of my domain names. Now when it comes to e-mail, you’d naturally assume this server also handled mail for my domains as well, right? If you said yes, you’d be wrong. I’m using a service called Rollernet which is a mail forwarding service. Since my ISP restricts incoming traffic on port 25, it was necessary to set up SMTP on a non-standard port. However, this causes a problem because when someone on the internet sends me an e-mail, most mail servers only send mail on port 25. So if I’m running SMTP on a non-standard port, how do I get my mail? Here is how. Rollernet’s servers are listed as the MX records for my domains. This means that when you send me an e-mail, it’s actually received on port 25 by Rollernet. They take the mail, queue it, do some scans on it for viruses, spam etc, then they forward that mail to my home mail server on a custom SMTP port. Of course I have this port set up in my cable modem and firewall to allow it to be forwarded to my mail server which resides on my LAN. Now here is the complicated part. Mail arriving at my home mail server on the custom SMTP port is received by NoSpamToday, which is my SMTP level SPAM filter. NoSpamToday (NST for short) filters for SPAM, viruses etc, and basically makes sure that the message is valid before it allows it in to my mailbox. Now NST is not a mail server, it’s just an SMTP server, so another component is needed here, that’s where 602 Lan Suite (LS for short) comes in. NST receives a message for me on a custom SMTP port. Once it makes sure that the message is valid, it then forwards that message to 602LS which receives the message on the standard SMTP port 25. 602LS receives the message and performs a few checks of its own, like scanning it again for viruses, doing another SPAM check and finally delivering it to my mailbox. 602LS also has a built in webmail server, so I can check my webmail from anywhere in the world.
This is also where port forwarding comes in as the ports for webmail need to be set up to route to my home mail server from the outside. Using my public DNS zone, I can add a record for webmail to my domain, so I can go to http://webmail.mydomain.com/mail and get to my web interface. This way I don’t have to use DynDNS or any of those services, since my public IP on my cable modem rarely changes. Now if it were to change, I’d have to manually update that in my DNS zone. So watch out for that if you’re using this scenario. I am aware of it and know what to do, so for me it’s not a big deal, but if you’re new to this, don’t set this up and wonder why it breaks 9 months later. Keep an eye on your public IP.

Let’s now talk about outgoing mail. I don’t know if you’re like me, but I find myself in situations at work and abroad where I find that my company network or hotel network restricts SMTP servers to their own servers and won’t let you send mail using your own SMTP configuration. For example, at work I run a simple server monitor that sends alerts. But my company has a firewall in place that limits outgoing SMTP traffic on port 25. Now I bet you’re wondering where the SMTP component from IIS comes into the picture from my previous post. Here it is. I am running IIS on my mail server but only the SMTP component. So I set up Microsoft’s SMTP service to listen on a custom port (different from my incoming SMTP port for normal e-mail from Rollernet). This way, I can set up my monitoring server to use my custom SMTP server at home to send the alerts. So in my situation, my monitor program detects a problem with a server in my office, it sends an alert to my home mail server on a custom SMTP port. My SMTP server then relays that message to my shared hosting server which then sends it to the desired recipient on a standard SMTP port. This way, I can use SMTP wherever I am, still get my messages or alerts sent and accomplish my tasks. This custom SMTP service is protected by a username and password and relaying with it is denied. Relaying on NST is also forbidden. Ok, so how about my home PC? Ok, simple, we use Outlook on our home PC, so Outlook is set up to send/receive mail from 602LS through POP3 and standard SMTP. We send a message from Outlook, it is received by my home mail server on port 25, which then forwards that mail to my shared hosting server. Some ISPs also restrict outgoing SMTP traffic, so here you may need to set up a custom port on your public SMTP server and configure your mail server to send all outgoing mail over a “SmartHost” or custom SMTP configuration. My shared hosting server then delivers the mail over standard SMTP to the recipient’s mail server.

So in summary, yes this is a complicated setup, and no it may not be for everyone. But I will say this, there is a degree of pride that goes into setting something like this up. Now I’m a Microsoft Engineer, so I’ve been doing networking for a long time. No, this is not the way to go about setting up a business or large company. Obviously I’d recommend using Exchange or more powerful mail servers and better ISP connections. But if you’re a techie and want to set up a really cool home network, this guide might just help point you in the right direction.

Other Services:
Let’s talk remote access. So how do I manage this home network when I’m not home? Easy, RDP. There are lots of people around that don’t like RDP, it’s not very secure, and has its issues like any other software or technology. For me however, it’s perfect. I simply forward port 3389 from my cable modem to my firewall and from my firewall to my PC, and I can remotely manage any machine on my home network. Now I took it a step further, and actually set up a custom RDP port on my other machines, like my servers and second desktop. This has the advantage of being easy to individually RDP into any machine on my home network without first having to remote into my home PC and then into another machine. In conjunction with DNS for easy naming, it’s a snap. All you need to remember is the custom port number for each machine. I only have a few so it’s no big deal, if you have many machines I’d recommend finding a better way, such as VPN. Through RDP I can remote control, and virtually manage any server or desktop on my home network.

Web management: I also use a program called Remotely Anywhere (www.remotelyanywhere.com). It’s a great application that runs as a service on Windows. With it, you can remote control, transfer files, and totally manage all aspects of the machine right from a web browser. It’s very robust and powerful, with tons of additional features too numerous to mention. It’s one of the best web based remote control/management solutions I know of. This can also be set up on a custom port, so it will need port forwarding configured for it as well.

FTP: I used to have a NAS server with FTP set up so I could FTP directly to my RAID5 storage device. Now that it’s gone, I don’t really use FTP anymore so I removed it. I use an FTP site on my shared hosting server temporarily if I ever need to send anything through FTP. I can grab it from home later.

Internet Access: Because my cable modem and firewall do NAT, it’s very easy to provide internet access to my workstations and servers on my home network. The firewall is the gateway on my network, and Microsoft’s DNS handles all DNS related operations on my network. My DNS server is configured to forward all requests for external host names to my ISP’s DNS server. It then caches the results and can reply much faster to any requests my workstations or servers make. Internet access is basically a simple NAT solution provided by my firewall and cable modem.

Points of Failure:
With a system like this there are other considerations that need to be taken into account. Among them are power, redundancy, damage, replacement, etc. For example, if my power goes out, what happens? Well for me I have my critical equipment on a UPS. Since this is a home network and not a critical system, the UPS will keep my servers and internet connection up and running for 5 minutes. This should be sufficient as long as the power isn’t out for long, which it isn’t usually. What if my firewall or cable modem goes bad? Well then I have a problem, as with my ISP I have to have them come and activate a new cable modem. So I’d first have to buy a replacement and then have them install it. This can be done usually by the next day. So what if my mail server or other network equipment is damaged? Well, for mail, if my home mail server becomes unavailable, mail will queue at rollernet, so I won’t lose any e-mail. I can even redirect that mail to my shared hosting server if I wanted to so I could get to it. If some of my network gear fails, it will obviously need to be replaced. I’d try to replace it with exactly the same model so that if it had a configuration with it, I could easily restore a backup config file to immediately get my network back up and running.

Security: What about security, how secure is this setup? Very secure. Even considering I have ports forwarded into my LAN from the outside. This often makes security experts very nervous and for good reason, but again, this is not the NSA, I don’t have anything on my home network worth anything to anyone but me. That is not an excuse for having bad security. First, I have a double NAT solution, so even if someone could hack in past my cable modem, they couldn’t get further than my firewall. If they could get past my firewall by some miracle, they would not be able to access anything on my network, since all network traffic between workstations and server is encrypted through Kerberos. The worst they could do is map out my network and find my IP addresses. DOS attacks are also a possibility, but there isn’t much that can be done about that anyway. Again, I’m not saying good security isn’t important, and the measures I’ve taken are sufficient for my needs. Please don’t think I’m advocating bad security measures.
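An added example, not part of the original post: a small audit of the kind of port-forward table described in the sections above (the custom SMTP port fed by the mail forwarder, the authenticated SMTP port for alerts, webmail, RDP on 3389 and on custom ports, web management). Every rule name, port number and address below is constructed, the service labels are assumptions of this example, and the forwarder's source range is a documentation prefix, not Rollernet's real addresses.

```python
import ipaddress
from dataclasses import dataclass

# Service labels are assumptions made for this example.
ADMIN = {"rdp", "web-admin"}             # full remote control of a machine
RELAY_ONLY = {"smtp-relay-in"}           # only the mail forwarder needs to connect
LOGIN_ONLY = {"smtp-submit", "webmail"}  # meant to be reachable from anywhere
ORDER = {"HIGH": 0, "MEDIUM": 1, "LOW": 2}


@dataclass(frozen=True)
class Forward:
    name: str
    ext_port: int
    int_host: str
    int_port: int
    service: str
    sources: tuple = ()  # allowed source CIDRs; empty means any source


def effective_service(rule):
    """Classify by what is listening, so a custom port number changes nothing."""
    return "rdp" if rule.int_port == 3389 else rule.service


def open_to_any(rule):
    """True when the rule has no source restriction (or a /0 'restriction')."""
    return not rule.sources or any(
        ipaddress.ip_network(s).prefixlen == 0 for s in rule.sources)


def source_allowed(rule, src_ip):
    """Would the router forward a connection from src_ip under this rule?"""
    if open_to_any(rule):
        return True
    addr = ipaddress.ip_address(src_ip)
    return any(addr in ipaddress.ip_network(s) for s in rule.sources)


def audit(rules):
    """Return (severity, rule name, message) tuples, most severe first."""
    findings, seen = [], {}
    for r in rules:
        if r.ext_port in seen:
            findings.append(("HIGH", r.name,
                             f"external port {r.ext_port} is also used by {seen[r.ext_port]}"))
        seen.setdefault(r.ext_port, r.name)
        if not open_to_any(r):
            continue
        svc = effective_service(r)
        if svc in ADMIN:
            findings.append(("HIGH", r.name,
                             "remote administration reachable from any address; "
                             "move behind a VPN or restrict sources"))
        elif svc in RELAY_ONLY:
            findings.append(("MEDIUM", r.name,
                             "any host can deliver straight to the home server and "
                             "skip the forwarder's scanning; allow only the forwarder"))
        elif svc in LOGIN_ONLY:
            findings.append(("LOW", r.name,
                             "open by design; the login is the only control"))
    return sorted(findings, key=lambda f: (ORDER[f[0]], f[1]))


FORWARDER_RANGE = "198.51.100.0/28"   # constructed (documentation prefix)

AS_DESCRIBED = [                       # constructed table mirroring the post
    Forward("mail-in-from-forwarder", 2525, "10.0.0.20", 2525, "smtp-relay-in"),
    Forward("alert-submission", 2626, "10.0.0.20", 2626, "smtp-submit"),
    Forward("webmail", 8080, "10.0.0.20", 80, "webmail"),
    Forward("rdp-desktop", 3389, "10.0.0.10", 3389, "rdp"),
    Forward("rdp-backup-server", 53390, "10.0.0.30", 53390, "rdp"),
    Forward("remote-web-admin", 2000, "10.0.0.10", 2000, "web-admin"),
]

HARDENED = [                           # admin access moved to a VPN, relay port pinned
    Forward("mail-in-from-forwarder", 2525, "10.0.0.20", 2525, "smtp-relay-in",
            sources=(FORWARDER_RANGE,)),
    Forward("alert-submission", 2626, "10.0.0.20", 2626, "smtp-submit"),
    Forward("webmail", 8080, "10.0.0.20", 80, "webmail"),
]

if __name__ == "__main__":
    for label, table in (("as described", AS_DESCRIBED), ("hardened", HARDENED)):
        print(label)
        for severity, name, message in audit(table):
            print(f"  {severity:6s} {name}: {message}")
```

A custom RDP port still shows up as HIGH: the rule is judged by the service behind it, not by the port number a scanner has to find.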

Thanks for taking time to read this post, I know it was long. Keep an eye out for more tech posts in the near future. I’ll also post some images giving you a visual of how all this works. Here is a simple visual aid of what I’m talking about above.

Home Network – Part 1

1. First, let’s talk basics. Connection type for example. I’m using a cable modem connection to the internet at home from Bright House Networks (RoadRunner). I only have a 5MB down and typically 45kbs up. I’m planning on upgrading this soon to 10MB down and 1MB up. Speed here is important, because getting into your home network is fast, incoming speed (download speed) is the fastest. So if you’re sending your home server a file or receiving a large e-mail attachment, you’re going to need that faster bandwidth. Upload speed is equally important, because any mail you send out of your home network or files you’re uploading are going to be slower due to upload speed restrictions from your ISP. I highly recommend getting the faster upload speeds if you’re going to attempt anything remotely similar to what I’m about to explain to you.

Hardware:
Cable Modem – Motorola SBG900 (previously used SBG1000)
Firewall/router – Netgear Prosafe firewall/router (not wireless)
Wireless AP – Intel 802.11G Access Point
Dell 16 port switch

The cable modem is your gateway to the internet. If you’re like me, your cable modem uses NAT (Network Address Translation), and has a built-in switch. This is useful because you can directly connect your various devices to your cable modem if you wish and not need to purchase a standalone router to share your internet connection. Note: your standard ISP cable modem probably won’t have this feature. Also, if you use the USB cable to connect to the internet, none of what I’m about to write about will work for you. You must go ethernet if this is to work. Plus, USB doesn’t use NAT (typically), you will end up getting the public IP of your cable modem if you go that route. This will open up your PC to attack from the outside and is not secure.

What I do:
I have a variation of a DMZ setup on my home network. My cable modem has a switch so I can use it to connect any devices I don’t care about and easily want to make accessible to the internet. One of those ports (I have 4) goes into the internet interface of my Netgear firewall/router. So to the firewall, my cable modem is the gateway to the internet. I let DHCP give the firewall/router’s public (internet) interface its IP address. You can set this to static if you want, but if you get a firmware upgrade or your cable modem gets an update, you’re likely going to lose any port forwarding entries or custom setup, so using DHCP will save you time later, and keep your home internet connection from breaking. (I’ll tell you a story about this later). Now the firewall/router also has a LAN ethernet interface, so I have a cable (cat5 ethernet) going to a 16 port switch for other devices to connect to. In my cable modem, I set up all the outside services I want to have available to forward those ports to my firewall/router’s internet interface. This is still a private address (non-routable), but will still work as intended. So the cable modem is listening on various ports for various services I have running on my home network accessible via my cable modem’s public IP address. When the cable modem receives traffic on a particular port, it has a port forwarding entry that says, “ok, you are coming in on this port, you go to the firewall”. The firewall is sitting there listening for those same ports, and has various rules set up to deal with traffic on different ports. So when traffic comes from the cable modem on a particular port, the firewall says “Ok, you’re coming from someone I trust (the cable modem), on a port I know about, and this port is supposed to go to this IP address on the LAN.” The firewall then forwards that traffic to the server/device or PC on my LAN that I want it to go to.
Port forwarding is key here, so first you set up port forwarders in your cable modem to forward to your firewall. The firewall then needs to have rules set up for the ports you want to use, specifying which internal (LAN) host you want the ports forwarded to. Examples of ports to forward are POP3 for e-mail, SMTP (although usually must be on a non-standard port), etc.
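The two-stage forwarding described above can be checked on paper before touching either device. The following is an added example, not part of the original post: it models the modem's forwards and the firewall's rules as tables and reports which LAN or DMZ hosts end up reachable from the internet, plus any entries that do not line up. All addresses, ports and rule entries are constructed sample values.

```python
from ipaddress import ip_address, ip_network

# Constructed sample addressing and rules; none of these values come from the post.
DMZ_NET = ip_network("192.168.0.0/24")     # cable modem's built-in switch
LAN_NET = ip_network("192.168.1.0/24")     # behind the firewall/router
FIREWALL_WAN = ip_address("192.168.0.2")   # firewall's modem-facing address

# Cable modem: (protocol, public port) -> (DMZ address, port)
MODEM_FORWARDS = {
    ("tcp", 2525): ("192.168.0.2", 2525),  # SMTP on a non-standard port
    ("tcp", 110): ("192.168.0.2", 110),    # POP3
    ("tcp", 8080): ("192.168.0.2", 8080),  # stale: firewall has no rule
    ("tcp", 21): ("192.168.0.9", 21),      # device plugged into the modem
}
# Firewall: (protocol, port on modem-facing side) -> (LAN host, port)
FIREWALL_RULES = {
    ("tcp", 2525): ("192.168.1.10", 25),
    ("tcp", 110): ("192.168.1.10", 110),
    ("tcp", 3389): ("192.168.1.20", 3389),  # no matching modem forward
}

def audit(modem, firewall, fw_wan=FIREWALL_WAN, dmz=DMZ_NET, lan=LAN_NET):
    """Return (exposed, findings) for the modem -> firewall -> LAN chain."""
    exposed, findings, used = {}, [], set()
    for (proto, port), (dst, dport) in sorted(modem.items()):
        dst = ip_address(dst)
        if dst not in dmz:
            findings.append(f"{proto}/{port}: modem target {dst} is not in the DMZ")
        elif dst != fw_wan:
            exposed[(proto, port)] = f"{dst}:{dport} DMZ"  # bypasses the firewall
        elif (proto, dport) not in firewall:
            findings.append(f"{proto}/{port}: forwarded to firewall, no rule there")
        else:
            used.add((proto, dport))
            host, hport = firewall[(proto, dport)]
            if ip_address(host) in lan:
                exposed[(proto, port)] = f"{host}:{hport} LAN"
            else:
                findings.append(f"{proto}/{port}: firewall target {host} is not on the LAN")
    for proto, port in sorted(set(firewall) - used):
        findings.append(f"{proto}/{port}: firewall rule unreachable from the modem")
    return exposed, findings

if __name__ == "__main__":
    exposed, findings = audit(MODEM_FORWARDS, FIREWALL_RULES)
    for (proto, port), target in sorted(exposed.items()):
        print(f"internet {proto}/{port} -> {target}")
    for line in findings:
        print("CHECK:", line)
```

Re-running the audit after the firewall's DHCP lease changes (with `FIREWALL_WAN` updated) shows which modem forwards now point at an address the firewall no longer holds.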

Now for wireless connectivity, my cable modem does support 802.11G wireless access, but it would be access to my DMZ, which is not helpful to me because the things I want to access when using my wireless are on my LAN. Now I could set up more security and custom routes to make this work, but it’s much easier to just throw an 802.11G access point into the mix and set it up on your LAN. This way you get access to only the network you want access to. I also don’t typically encrypt my traffic using wireless only because I’m not doing anything secure or sending authentication or password traffic in the mix. Typically it’s good to add encryption to your wireless traffic. I use MAC address filtering to allow only wireless devices I know about access to my LAN. This in itself can be forged and hacked, so be careful when setting up security on your wireless network. Don’t just go buy a wireless Access Point and throw it in your LAN without configuring it. It will grant access to anyone with a wireless device to your network resources.

Ok, so that’s the nuts and bolts of what I’m using for hardware and a touch of networking on my home network. Next we’ll talk about server, software and services.

To Fix or Not to Fix

a. Pay a huge amount of money for my dash to get torn apart and fix the heater cable
b. Wait and not spend un-necessary money on it, then trade it in next year

I also thought about buying a portable heater that plugs into the cigarette lighter port, but those have not worked out well for me in the past!

What to do, what to do…
