Sunday, January 16, 2011

Improving Wireless Reception - Part 2

Introduction
At this point I am assuming you have gone through the steps of Part 1 of this exercise here and still have not improved your wireless access to your satisfaction.

Next Steps - Pick a Clear Channel
Now we need to bring up inSSIDer again.  Recall we installed this application in Improving Wireless Reception - Part 1 on Step 1.  Please see the output of inSSIDer below:


Take a look at channel 6 above.  There are overlapping SSIDs on this channel.  Let's assume for discussion's sake that your SSID is HELIOS.  Note that there are other SSIDs on this channel as well.  We want to avoid this condition.  Normally a wireless router/access point will pick a clear channel but that is not always the case.  The point here is if your SSID is overlapping with other SSIDs, move your channel to a clearer channel.  If you go into the wireless settings of your wireless router/access point you can manually select what channel to use.  I, for example, put my PHOEBE access point on channel 11 which is completely clear and you can see the strong signal at about -30 RSSI.
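The channel choice described above can also be worked out from the survey numbers. The following is an added example, not part of the original post: it ranks the 11 channels by how much neighboring signal lands on each. The survey rows are constructed, and the linear overlap model (networks fewer than 5 channels apart interfere, more so the closer they are) is an assumption of this sketch.

```python
"""Rank 2.4 GHz channels by estimated interference from a Wi-Fi survey."""

# Constructed survey rows (SSID, channel, RSSI in dBm), in the shape a
# scanner such as inSSIDer reports. Only HELIOS and CALLISTO are names
# from the article; every other row and every value is made up.
SURVEY = [
    ("HELIOS", 6, -58),      # our own network (assumed)
    ("CALLISTO", 1, -72),
    ("NEIGHBOR-A", 6, -61),
    ("NEIGHBOR-B", 6, -70),
    ("NEIGHBOR-C", 4, -66),
    ("NEIGHBOR-D", 2, -80),
]

CHANNELS = range(1, 12)      # the 11 channels the article refers to
OVERLAP_SPAN = 5             # channels fewer than 5 apart overlap


def dbm_to_mw(dbm):
    """Convert an RSSI in dBm to linear power in milliwatts."""
    return 10 ** (dbm / 10)


def overlap(ch_a, ch_b):
    """Assumed linear model: 1.0 on the same channel, 0.0 at 5+ apart."""
    return max(0.0, 1 - abs(ch_a - ch_b) / OVERLAP_SPAN)


def interference(channel, survey, own_ssid):
    """Sum overlap-weighted power of every other network on `channel`."""
    return sum(
        dbm_to_mw(rssi) * overlap(channel, ch)
        for ssid, ch, rssi in survey
        if ssid != own_ssid
    )


def rank_channels(survey, own_ssid):
    """Return [(channel, score_mw)] sorted from clearest to busiest."""
    scores = [(ch, interference(ch, survey, own_ssid)) for ch in CHANNELS]
    return sorted(scores, key=lambda item: (item[1], item[0]))


def best_channel(survey, own_ssid):
    """Clearest channel; ties go to the lowest channel number."""
    return rank_channels(survey, own_ssid)[0][0]


if __name__ == "__main__":
    for ch, score in rank_channels(SURVEY, "HELIOS"):
        print(f"channel {ch:2d}  interference {score:.2e} mW")
    print("move HELIOS to channel", best_channel(SURVEY, "HELIOS"))
```

With these constructed rows, channel 11 is the only one no neighbor reaches, and channel 6 is the busiest.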

Once you have completed the channel change, re-survey your wireless signal in your home and see if your RSSI improves.  If it does, record the change.  Secondly you should disconnect and reconnect all your wireless clients.  Simply disconnect and reconnect to your SSID using the Windows wireless connection tools.  See below:


Simply click Disconnect and then the Connect button will display below your SSID.  See above.

Connection Issues Still Persist - Link Layer Protocol
At this point, the improvements will be more technical so you may need to read your manuals in more depth and/or read other articles on the web to help you with these steps.

Recall in Part 1 of this article we talked about the different wireless protocols.  For the consumer, they are:

  • 802.11a
  • 802.11b
  • 802.11g
  • 802.11n (sometimes called Draft N)

In Part One I did not go into detail about 802.11n.  It is the next generation of wifi access after 802.11g and provides speeds up to 6x faster than 802.11g, theoretical.  It does propagate through your walls better than 802.11g and has a double channel mode that permits connections up to 300 MBits/sec theoretical.  The specification also defines additional frequencies at 5Ghz.  You will see these wireless routers sold as "Dual Band".  I have not seen much in the way of wireless clients that support the 802.11n 5Ghz.  You will have a much clearer signal on 5Ghz, but 5Ghz frequencies do not go through walls as well as the standard 2.4Ghz frequencies.  Trade-offs of course...

Here are the rules you need to follow now:

  1. Most importantly, get off 802.11b.  802.11b has the poorest signal propagation through walls.  If you have a wireless router/access point that only supports 802.11b, it's time to upgrade.  If you have a router that supports both 802.11b and 802.11(g/n) you need to disable 802.11b.  By mixing 802.11b signals with 802.11(g/n), it will reduce throughput.
  2. Accordingly, if you have wireless clients, perhaps an older laptop, that only support 802.11b, you need to get a PCMCIA, USB, or Express Card wireless adapter that supports 802.11g/n.  Head over to your local MicroCenter or Frys and get your necessary upgrades.  The staff at Microcenter and Frys are very helpful.  Alternatively, you can purchase online at tigerdirect or newegg.  There are other online merchants of course, but I tend to stick with tigerdirect or newegg for my computer needs.  Just a matter of preference.  See below for some hardware recommendations.
  3. My general rule of thumb for wireless gear is do not buy the latest gear nor the gear that has all the bells and whistles.  I find there are more bugs in the latest gear that take time to work out.  I go for gear that has been out for approximately 2-3 years.  By doing so, more of the bugs have been worked out and this leads to higher stability.  This is especially important for your wireless router/access point.  I personally avoid the cheapest gear and avoid the most expensive gear.  Again, personal preference.
  4. Brand selection: 802.11g  This is a tough one to recommend as each hardware line of the major wireless vendors can have good and poor lines of equipment.  The classic line of wireless router that has been out for years is the Linksys WRT54Gxxxx line.  Both the older models (ebay) and the later models of this line are generally very stable.  Make sure you are running the latest firmware be it open source dd-wrt or from Linksys.  Both have advantages and disadvantages.  For the technically minded ones, you will definitely want to use one of the open source firmwares.  Tomato and dd-wrt both have some nice "techie" features.
  5. Brand selection:  802.11n  I have gone through several 802.11n wireless routers and they have been very unstable and subsequently I put them in my "wait for new software/firmware" box.  The only model I am going to recommend is the model I use now and has been stable.  It is the D-Link DIR-855.  I chose this model since it came out a few years ago, it has three external antennas, and they are removable to permit use of third party antennas.
  6. Antenna selection.  If possible, buy a wireless router with external antennas, the more the better.  Even better still, models that have antennas you can disconnect and install third party antennas are the best solution.  Do your home work, pull the specification details and find hardware that looks good to you.  Check reviews.  Note:  I did extensive reading on reviews and have been burned.  What I learned from this is generally see what the user rating is for the wireless router/access point.  If it is above average, then go to the vendor support forums and see what kind of complaints are posted about the gear.  Base your decision off the support forum primarily.
  7. For client wireless adapters, I do not have any recommendations.  The few that I have purchased from major brands have all worked fine.  Get the latest drivers from the manufacturer website.  Note:   if you are buying a wireless card for a desktop, you definitely need to get one that has a cable permitting the antenna to go on your desk or better yet on a shelf.  The common model, with two or three antennas sticking out of the card, is less effective because the antennas are buried behind your computer, table, wall, cables, etc.  All these things attenuate the wireless signal and will give you poorer signal quality and throughput.

802.11g or 802.11n
Which version should I get?  802.11g gear is cheaper and has a maximum throughput of 54Mbits/second theoretical.  Normally 802.11g is just fine for your typical internet user that reads mail, surfs the web, pulls down music from online music vendors, watches videos on youtube, etc.  Note:  802.11n will propagate through your house better than 802.11g by some margin.  If you have signal difficulties, go ahead and get 802.11n gear and run a pure 802.11n network on a clear channel.

Repeat Part 1
If you have replaced any of your wireless gear, you now need to go back through the steps of Part 1 of this article located here.

Still Hope
If you still have wireless signal difficulties after following Part 1 and 2 of this article, there is still hope in Part 3 of this article.  I will try to get it out as soon as I can.

If you are using this article and it is helping you or not, I would really appreciate some feedback.  If you are hesitant to post publicly, feel free to email me at john at mysnmp dot org.  I'd be happy to work with you individually.

Sunday, January 9, 2011

Improving Wireless Reception - Part 1

Introduction
This article is targeted at the non-technical or semi-technical user trying to improve their wireless reception at home.  Many people in my family and neighborhood ask me how to resolve poor (wifi) wireless reception in their homes so I thought I would share some tips and techniques I have suggested.  For clarity's sake, what I am referring to is network wireless access as defined in 802.11a/b/g/n specifications and I am not talking about cell phone reception.

What is the difference between 802.11a/b/g/n
802.11b
802.11b was defined and implemented first for the consumer back in the late 90's.  This provided a transmission speed of 11 Mbits per second in best conditions.  11 Mbits per second equates to about 1 MByte/second in ideal conditions.  Note:   for those more familiar with networking, I am NOT getting into packet overhead intentionally.  This specification used 2.4 Ghz frequencies.  This implementation of wireless access was widely accepted and was a huge step into wireless networking that had useful speeds.

802.11a
Next 802.11a came out for the consumer and used 5 Ghz frequencies.  It never really took off but is still available today.  5 Ghz frequencies are less crowded.  However 2.4 Ghz frequencies go through walls/floors much better than 5 Ghz frequencies.  Having not used 802.11a I am going to keep my discussion short on this specification.  However, I will mention, don't pursue setting up an 802.11a network.  There are better options.

802.11g
Following 802.11a, 802.11g hit the consumer market and is still the most common wireless access method today based on my scans in public spaces and neighborhoods.  No, I am not a hacker, I just "listen" to see what is broadcast.  The FCC permits anyone to listen to any frequency barring cell phone frequencies.

802.11g goes through walls/floors even better than 802.11b and allowed speeds up to 54 Mbits which equates to about 6 MBytes/second in perfect conditions.  Like 802.11b, 802.11g used 2.4 Ghz frequencies in 11 channels described well on wikipedia here.

Some issues with 802.11g include crowded space since other devices like cordless phones, microwave ovens, baby monitors, IP video monitors, and other devices also use 2.4 Ghz frequencies.  Needless to say, your neighbors are also using 802.11g and you may get interference from them depending on where you live.

802.11n
I am going to discuss 802.11n in part 2.  But in essence it is the next generation of wireless access after 802.11g.

Improving your wireless signal
Here are the steps I would follow to improve wireless access in your home.

1.  Create a baseline!  We need a metric to work against to see if we are improving the signal.  Download and install inSSIDer on your wireless laptop.  This simple, open source free tool will allow you to actually measure your signal and, more importantly, tell you what channels are in use.  Screenshot below:

Figure 1:  inSSIDer screen shot

2.  Some notes on inSSIDer.  You have to select your interface and click Start in the top right hand corner.  This tool reports what wireless networks are in the area, what channels they are using, and the access status (open/encrypted).  Click on the RSSI column and sort the data so the highest number is at the top.  Note the numbers are negative so -52 is higher than -100.

3.  Now, the screen may be overwhelming but we need just a little bit of information from it for our efforts.  Identify your network SSID, in other words, the network you connect to at home.  I will use CALLISTO in our discussion.  CALLISTO has an RSSI (will explain what this is later) of -72 and is on channel 1.  That's all you need to note now.

4.  Now take your laptop and go to places in your home where you like to work and have wireless access, e.g. kitchen, living room, etc.  For each room note the RSSI number for your network (write it down please!).  Note:  spend at least 1 minute at each location for the RSSI number to "settle down", then record the number.

5.  Now the work begins.  If your router/access point does not have external antennas go to step 6 below.  Make sure all connections to the router/access point are plugged in snugly.  Sometimes cables slide out.  Tighten the antenna connections, and put the antenna(s) straight up.  If they were already straight up, just tighten the antenna connection(s).  Next, repeat step 4 and take measurements and record them!

6.  Make sure all connections to the router/access point are plugged in snugly.  If any connections were loose, repeat step 4 and record the measurements!

7.  The biggest boost in reception is the next step.  Many people put their router/access point under a desk or table.  You cannot do that!  You lose about 25% of your signal strength if you bury your router/access point under a desk/table.  Put your router/access point in a high place in the clear.  What I mean is like on top of a shelf.  If you have no shelf nearby, consider mounting the router/access point on the wall up high.  Buy longer cables if it cannot reach your top shelf or ideal location.  Normally this would just be a longer ethernet cable available at Microcenter, Frys, Best Buy, Office Depot, Staples, etc...  Once you have moved the router/access point to the higher location, repeat step 4 and record the measurements!

Goal
We want the RSSI number to be as high as possible.  Again think negative numbers so -30 is higher than -80.  Ideally you want your RSSI number to be higher than -60.  You can still get connections between -60 and -70 but the connection will be very poor and intermittent.  I aim for RSSI of -50 and higher for my home network.

Your Homework
The location of your router and antenna position will directly influence your wireless reception.  Continue to re-position your router/access point and repeat step 4.  Again you are aiming for a high location that is clear of obstacles.  Ideally, the router should be in the middle of the house.  If you have a router/access point without external antennas, turn the router in 90 degree steps and repeat step 4.  Find the position that provides the best reception for your house.

You have more influence on the radiated wireless signal if you have external antenna(s).  To find the best position for the antennas start with them straight up and record your RSSI at different locations.  Then, change the angle of the antenna(s) in small increments, 45 degrees, one antenna at a time and repeat step 4.  If you can visualize, each antenna normally radiates a doughnut shaped signal perpendicular to the antenna.  The important aspect to note here is there is almost no signal coming off the top or bottom of the antenna.

End of part 1
This is the end of part 1.  However, we still have more options for improving wireless reception.  I will try to get part 2 out in the next few days.

I'd really appreciate some comments, good or bad on this posting so I can improve it.  Questions are welcome too!

Friday, January 7, 2011

LastPass Multi-factor Authentication Methods

LastPass Multi-Factor Authentication
There are a few ways to use multi-factor authentication with LastPass, an online password manager that supports multiple operating systems.  I am interested in two of these methods:  Sesame and Yubi Key.  Does anyone have opinions on either?  I am leaning towards Yubi Key; however, each key is $25.00 whereas Sesame is free.

https://lastpass.com/support_faqs.php#yubikey

Comments welcome!

Sunday, January 2, 2011

Gmail Account Security Breach - zorpia spam

Received zorpia.com spam
My son and I had an interesting security breach this morning with regards to zorpia.com.  We detected this when all of his gmail contacts were spammed with email from "invitation at zorpia.com" on his behalf.  All of his contacts were spammed multiple times with the same email that was essentially trying to get the recipient to click on links that pointed towards zorpia.com.  Let me explain how the events transpired:

OpenDNS
Since my son is blocked from zorpia.com via OpenDNS I knew he did not have an account there.  We discussed the issue and quickly realized some account of his was breached.  At this point, all we knew was the zorpia spam was sent to me and my wife.  Shortly thereafter, my son received a forwarded zorpia email from his grandfather asking about it.

zorpia.com email getting sent to his gmail contacts
At this point, we knew for sure it was something to do with his gmail account.  Since his password was "tight" at 9+ characters including punctuation characters, it was hard to believe someone cracked his password.  Especially since it was used nowhere else.  I asked him if he had recently used a friend's computer to access his gmail account and he had not.  He did mention he brought his Mac over to his friend's house and they ran an "open" wifi network (shame on them).  Since my son has a Mac, the open wifi did not raise immediate concerns.  I have his Mac buttoned up with ssh key authorization only.  We then ran a Norton scan on his Mac and it was clean.  His USB sticks were also scanned and were clean.  Home network scans on all home computers were also clean.

Firewall Check
My home network firewall (FreeBSD/IPFilter) is fully logged and very tight.  I ran some reports on the logs and nothing jumped out at me.  I actually put all log entries into mysql making searching through firewall data very easy.

Gmail Account Access Details
Lastly, I asked him to look at the bottom of his gmail page and look at what IP addresses were used to access his account.  I have a static IP address at home so there should really just be my public IP address listed since his Mac rarely leaves our house.  To our shock, the accesses were coming from several addresses.  I ran a few "whois" and most IP addresses pointed to the amazon clouds.  However, some were starting to show up from Japan in near real time.

Gmail Account Breached for Sure
Obviously, at this point we knew his gmail account was breached.  We changed his password to a nice 13 character password with the standard upper/lower case letters, numbers, and punctuation.  Fortunately, gmail provides a way to sign out all other sessions (thank you google!).  At this point, the breach was closed.

Notification
Lastly, we monitored the IP addresses his gmail account was accessed from and it continued to just remain from my public IP.  We emailed his gmail contacts about the issue warning them not to click on any zorpia emails from him.
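The check used above (every access should come from the one static home IP, both when reviewing the list and when monitoring after the password change) can be written down as code. This is an added example, not part of the original post: the record layout is assumed, the activity lines are constructed, and all addresses are placeholders from the RFC 5737 documentation ranges.

```python
"""Audit an account's recent-access list against the one expected IP."""
import ipaddress
from collections import defaultdict
from datetime import datetime

# Placeholder home address from the RFC 5737 documentation ranges.
HOME_IP = ipaddress.ip_address("203.0.113.10")

# Constructed records (time, access type, IP). Gmail's real activity
# panel is not machine-readable in this form; the layout is assumed.
ACTIVITY = """\
2011-01-01T21:14:05 browser 203.0.113.10
2011-01-02T03:40:11 imap 198.51.100.23
2011-01-02T03:52:47 imap 198.51.100.77
2011-01-02T06:05:30 browser 192.0.2.144
2011-01-02T09:12:00 browser 203.0.113.10
2011-01-02T11:30:00 browser 203.0.113.10
"""


def parse(text):
    """Yield (datetime, access_type, ip_address) per non-empty line."""
    for line in text.splitlines():
        if line.strip():
            when, kind, ip = line.split()
            yield datetime.fromisoformat(when), kind, ipaddress.ip_address(ip)


def foreign_accesses(records, home_ip=HOME_IP):
    """Return the records that did not come from the expected address."""
    return [r for r in records if r[2] != home_ip]


def summarize(records, prefix=24):
    """Group records by network: count, first seen and last seen."""
    groups = defaultdict(list)
    for when, _kind, ip in records:
        net = ipaddress.ip_network(f"{ip}/{prefix}", strict=False)
        groups[str(net)].append(when)
    return {net: (len(ts), min(ts), max(ts)) for net, ts in groups.items()}


def clean_since(records, cutoff, home_ip=HOME_IP):
    """True if every access at or after `cutoff` came from home_ip."""
    return all(ip == home_ip for when, _k, ip in records if when >= cutoff)


if __name__ == "__main__":
    records = list(parse(ACTIVITY))
    for net, (count, first, last) in summarize(foreign_accesses(records)).items():
        print(f"{net}: {count} access(es), {first} to {last}")
    print("clean since 09:00:", clean_since(records, datetime(2011, 1, 2, 9)))
```

Use the time the password was changed and other sessions were signed out as the `clean_since` cutoff; any later foreign access means the account is still exposed.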

Password Policies
This should remind all of us to:

  • Use passwords that contain upper/lower case letters, numbers, and punctuation.
  • I require my family to use fully random characters that do not spell anything.
  • Length of passwords, at least in my opinion, should be 14 characters long for all financial institutions.
  • Passwords can be shorter for sites with less security concerns, online forum perhaps.
  • Never use the same password anywhere.
  • Use some secure method to record your passwords.  There are several online services to help you manage them.  Some services use 3 way authentication which is what I require for my family.
  • Change passwords regularly which is easier to do using one of the online services.
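A generator that follows the first three rules in the list (all four character classes, fully random, 14 characters by default) is shown below. It is an added example, not part of the original post; the entropy figure is an upper bound that holds only when the password really is drawn at random.

```python
"""Generate passwords matching the policy above and estimate strength."""
import math
import secrets
import string

CLASSES = (
    string.ascii_lowercase,
    string.ascii_uppercase,
    string.digits,
    string.punctuation,
)
ALPHABET = "".join(CLASSES)          # 94 printable ASCII symbols


def meets_policy(password, min_length=14):
    """Check length and that all four character classes are present."""
    return len(password) >= min_length and all(
        any(ch in cls for ch in password) for cls in CLASSES
    )


def generate(length=14):
    """Draw uniformly random passwords until one covers every class.

    secrets uses the operating system CSPRNG; the random module is not
    suitable for passwords.
    """
    if length < len(CLASSES):
        raise ValueError("length too short to include every class")
    while True:
        candidate = "".join(secrets.choice(ALPHABET) for _ in range(length))
        if meets_policy(candidate, min_length=length):
            return candidate


def entropy_bits(length, alphabet_size=len(ALPHABET)):
    """Upper bound in bits for a fully random password of this length."""
    return length * math.log2(alphabet_size)


if __name__ == "__main__":
    print("financial:", generate(14))
    print("forum:    ", generate(10))
    for n in (9, 13, 14):
        print(f"{n:2d} random characters -> about {entropy_bits(n):.0f} bits")
```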

In closing, it would be nice to think that the Internet is a friendly and useful place and it certainly is.  However, security should always be a concern.  Hacking techniques constantly evolve and one needs to stay up to date on their computer/network security infrastructure.