Review of my home broadband router logs (suspicious activity?)

Depends on what you mean by "good" passphrase because you don't need

*any* passphrase to break into WPA2/PSK encryption because the "salt" is known (it's the SSID!) and if you use an *existing* passphrase, you're already doomed.

So, you have to substitute *unique* for "good", and only then the rainbow table hack won't work to break into your router.

Just remember that there are negative security ramifications at Starbucks when you decide not to broadcast your SSID at home.

If you're OK with that tradeoff, then you're fine.

If you're unaware of that tradoff - then - you need to understand it.

Every boy (practically) in the USA plays those violent games.

If you don't have much control what he does on the internet, then perhaps you might feel more secure getting yourself a different ISP.

That can't cost that much.

--
Adrian C

I found the answer to this, where the computer boys play.

The router has its own clock, which can be wrong, like anything else.

To keep it correct, it has two possibilities. Automatic (Automatic time update with pre-defined NTP servers or enter customized NTP) Manual is the alternative, but I have Automatic checked.

I don't have anything in the customized NTP field and I have the interval for Automatic as 24 hours, the default, so that lets it get wronger and wronger for 24 hours until it gets corrected.

If the log were important, I could set the interval at as little as one hour. (it goes up to 72.) But I'll let it stay at 24. I'm glad to know how it can be wrong, when other times are a lot closer.

It's a shame I can't use this to peer into the future.

Instead of hidding the SSID I use an intermediate solution: increase the be acon transmission interval time. This setting is usually found in the Advan ced tab of many home routers and sets the time elapsed between SSID broadca sts.

By default it is 100ms, using longer times stops some devices from seeing t he network and reduces the chance a pass-by car or walker sees it. It requi res some testing to find the longest time that will work with the intended devices. It also reduces electrosmog and intereference with other wifi or analog vid eo senders (a transmission every 100 ms is very annoying but every 5000ms g oes unnoticed).

Up to 20000ms (20 seconds) has worked successfully with some laptops - at t urn on it requires some wait up to one minute until they see the network, t hen they work fine as usual and no dropped connections. Some devices will n ot see the network no matter how long you wait even if you had it set up be fore. Some devices see the network but drop the connection frequently.

5000ms (5 seconds) works fine with most devices and reduces dropped connect ions, still a few devices (one laptop and a D-link wifi repeater) do not se e the network. 1000ms (1 second) seems the best compromise between compatibility and elect rosmog/interference. No problems found with any device.

I have no idea what that advice is trying to tell me.

Oh well. Bye.

--
Adrian C

Heh heh ... An access point (AP) is just, for your purposes, an SSID. So, if your neighbor's SSID is "NEIGHBOR1" and on channel 1, then that's his "AP".

If another neighbor's SSID is "NEIGHBOR6",and on channel 6 then that's his "AP".

If there's nothing on channel 11, then you should put your router on channel 6.

However, if you have 5GHz available, then almost any 5GHz channel will be better because there will be no interference.

Each device you have is listening for an access point based on the channel first (because that's how radios work).

If your neighbor is on the same channel, your device first receives both his and your packets, but soon figures out which are from him and which are from you, and then drops those packets from him.

But that takes time. So, it slows you down.

oops. I meant 1, 6, or 11. That "3" was a typo.

Without knowing what channels are used around you, you're flying blind.

You "can" get the signal strength from the basic operating system, no matter which platform you have, but it takes knowing which buttons to press.

You mean router, not modem. Some "do" run a survey to see which channel is least congested. Many don't.

Here's my advice:

1. Run a survey on your computer or cellphone
2. Use an empty 5GHz channel (which will be easy to find).
3. If you don't have 5GHz, then use the least congested 2.4GHz channel. If possible, use 1, 6, or 11 if they're not already being used.

Typos again.

If there's nothing on channel 11, then you should put your router on channel *11*.

Thanks again.

There is parental control feature, several blocking method for certain ip address or MAC address, etc. with router firmware. Some times 3rd party firmware is more robust. dd-wrt is one example.

Thanks to everyone here, below is a summary I wrote of my current understanding of just the UPnP versus Port Forwarding issue for setting up the Transmission bittorrent client on Linux (Ubuntu) for optimal speed.

It's written in my words, so, if there are errors in my understanding, I'm fine with you pointing them out!

My summary of what was learned in this thread about UPnP & Port Forwarding

(0) The way things work is that an incoming request to WAN external IP 1.2.3.4 on port 12345 hits the SOHO router. Without port forwarding, the SOHO router will drop that request (or any request to any port).

But, with port forwarding, the router sees the external port WAN request for 1.2.3.4:43101 and it forwards that external port to a static LAN internal port of 192.168.1.10:43101, which the Transmission client is listening on for upload requests (which apparently require both TCP & UDP messages). (Transmission settings are in $HOME/.config/transmission/settings.json)

(1) Since bittorrent maintains two download queues, the first priority going to those who are uploading data and the second going to those who are not uploading data, if I'm not uploading data, then I will only download data when the first queue is empty.

(2) That means two different things if I don't open a port to the world: - For those people with public sockets, I will be in the first queue because they can get data from me even though I don't have a public socket myself. - For those people without public sockets, I will be in the second queue because, to them, I'm not uploading any data because I don't have a public upload socket open.

(3) Overall, not opening a port will probably increase my download times (depending on a combination of how many other people have public sockets open and on how full that first queue is).

(4) The *easiest* way to open a port for those external clients who do not have a public socket is to simply turn on UPnP on both the SOHO router and in Transmission. Optionally, if UPnP is turned on in Transmission, I can set Transmission to use a random port each time the application is started.

(5) The *safest* way to open a port is to turn off UPnP in both the SOHO router and in the Transmission app, and just manually forward a port in the router & set that same port in Transmission. Pick a random port between 49152 & 65535. The default is 51413.

However, there are a bunch of things you have to do in order to accomplish that task: (a) You'll need to have your computer on a static IP address on the LAN (e.g., 192.168.1.10). This can be set (based on the computer wlan0 MAC address) by the router, or, this can be set on the Ubuntu computer. (b) You'll need to select an unused external/internal port set to forward UDP & TCP packets to (e.g., port 51413) (This port needs to be between 1025 and 65535.) (c) You'll want to doublecheck your /etc/services files to ensure whatever port you chose is not being otherwise used. In my case, there are no ports in /etc/services between port 27374 & 30865, and only 3 ports higher than 30865 {57000,60177,60179}, so, all other ports are fair game. Application = trans

NOTE: There are other things you can set to improve Transmission speeds!

REFERENCES: