Tuesday, 6 February 2018

Router security part 3 (Quad9)

You know how DNS works from part 2, so now it how to change your DNS.

my favourite 2 providers:
1 Open DNS family friendly. great for children's PC's, blocks known websites that use adult content and violent or disturbing videos.

2 Quad9. An excellent DNS provider to block known phishing websites, this is quite new, but already good and will improve in speed over time.

You can either change the DNS in your router settings, so all devices that connect to it automatically use your chosen DNS.

Or change to DNS in one or more devices directly, so you will be using your chosen DNS with only the the device/s you chose to use it on.

This will not stop all unwanted content or viruses, but will block all known websites that have adult or unsuitable content. So please be careful what you click on, and email attachments that you open. 

Router settings:
Log onto you router by entering 192.168.1.1 into your search tool-bar, then enter your admin user name and password, usually admin, admin or admin, password. Then go to DNS settings, usually under advanced or dynamic DNS settings, then replace the primary and secondary DNS servers with.

Open DNS
Primary        208.67.222.123
secondary    208.67.220.123

Quad9 DNS
Primary         9.9.9.9

Then save your settings, reboot your router and PC.

PC settings:
go to settings/control panel, then network settings, then replace the DNS servers with one above, then save your settings, reboot router and PC.

Thursday, 1 February 2018

Router security part 2 (how DNS works

Domain name system (DNS) is a protocol for how computers exchange data on the internet, this works by the DNS converting a domain name like "teapigs.com" into an Internet Protocol address like 176.34.129.129 that computers can use to identify each other on the network. 

Also, the last part of a web address makes it easy to recognise what category the website is in. eg. .com - commercial websites, .edu - educational organisations, .gov - government.

DNS is changeable through your PC or router as shown in part 3, this is useful for blocking content before it reaches you pc (if configured on your router), or changing the DNS on a single PC such as a child's PC to block adult content.

This works by the DNS provider having a database of know bad websites, whether that be phishing websites, adult content or extreme violence, which will be constantly updated, keeping the user as safe as possible.

Router security part 1 (basic settings)

Many internet providers use just a few default variables on names and passwords on their routers, I've even seen several routers on display in windows with the passwords in clear view, drive by attacks are also increasing, let's strengthen our default settings and encryption.

Access your router settings by typing your IP address into the tool bar of your browser usually 192.168.1.1, then entering your admin name and password usually admin/admin.

WPS- switch off, (this is easy to crack and there is a way to turn off the more secure WPA/2 encryption if this is switched on). so don’t enable both.

WPA/2- Switch on, this the better type of router encryption, if this is not available for your router use WPA.

UPNP- (universal plug n play) This makes life easy if you play online games enabling ports to open for the online game services, if you don’t need this, switch it off. (this is usually enabled by default).

SSID- (service set identifier) Change this to a name you will recognise but nothing linked to you personally such as your name/address etc.

Administrator password- change to a random, long password, use upper, lowercase and symbols to lengthen the time to crack.

Wi-fi password- again, use a good password, different from above, always use different passwords for everything that requires one, it’s not much inconvenience to use a long password as you don’t have to enter it frequently so make it a good one, Steve Gibson's perfect passwords is a good choice. https://www.grc.com/passwords.htm

Sunday, 17 September 2017

Raspbian back ups and shrinking

After backing up a 16GB SD card from my Raspberry Pi, it wouldn't restore on any other card, even though they are all 16GB???

Here is what I did: 

1:  Shrink the image on the SD card - use gparted to look at the image, select the main partition, then select resize and slide the arrow to just before where your image is written, (the darker part) leave about 10MiB of blank space to be sure your not going to overwrite your image and apply. 

2: Back up the image from SD card  sudo dd bs=4M if=/dev/sdb of=raspbian.img
this creates a backup image in your home folder 

3: Cut off the unused space from your backed up image with the following method.

a) fdisk -l myimage.img - this outputs the start and end of the image.

b) Use the end figure of the image in the next command to cut off that amount from the backup.
I will use the figure 4434269 as an example in the command below but make sure you 
replace my figure with your own one

c) run the next command to cut off the unused space on your image
 truncate --size=$[(4434269+1)*512] myimage.img 

(make sure you replace 4434269 with your fdisk end figure)

Now you can copy your image to another card to test, you should have saved a nice amount of space,
my image is now small enough to use an 8GB card card.

Tuesday, 16 May 2017

Ransomware precautions

lots of talk about the wanacry encryption virus that has spread lately, if you do the next steps regularly you should cut down your chances of getting hit, no need for paid antivirus, the default windows defender is fine and has been updating to keep up with this on a daily basis.

1 keep all devices updated & antivirus updated
(this will include patches to help prevent viruses)

2 don't open email attachments or pop ups.
(one of the easiest ways to get infected)

3 don't run as admin user
(most malware etc. will not install on your system if your running as a normal user without admin privileges)

4 back up offline and keep backup device offline.
(If you do get infected, you can wipe your hard drive and start again with your backup nice and safe, the virus will also encrypt your backup/s if connected to your network or PC in any way, so keep separate) a complete image backup is best, it's just 10 minutes to install the whole system back to the way it was this way and worth the planning ahead.

Sunday, 16 April 2017

Robot list

Iv'e been building robots lately, because I'm forgetful this is a checklist of stuff to install on SD cards.

1 Flash raspbian
2 Add ssh file to boot menu (so I can immediately login from SSH)
3 Add WiFi config file (so I dont have to set up on gui).
4 Add python files such as line follower program and set preferences to run as program

Boot and login via SSH

1 Run sudo raspi-config ...
change password
enable camera
enable SSH
enable I2C
enable remote gpio

2 Install explorer hat (or whatever motor controller your using)
3 Install inputs (sudo pip install inputs)
4 Update and reboot
5 Check everything works.


My WiFi config for quickness: (wpa_supplicant.conf)

ctrl_interface=DIR=/var/run/wpa_supplicant GROUP=netdev
update_config=1

network=
{
ssid="your ssid"
psk="your ssid password"
key_mgmt=WPA-PSK
priority=10
}

Saturday, 1 April 2017

My favorite Raspberry Pi projects

A list of my favorite Raspberry Pi projects.

PiDP-8
A clone of the PDP-8 computer, the face plate and switches are available as a kit from "Obsolesence guaranteed" website, it's an expensive kit at just over £100 (Raspberry Pi not included) with lots of tinkering longevity, avoid if you don't like soldering and a good few hours work, but the end result will give you a thing of retro beauty.


ISS-Above
A simple ISO image from ISS-Above, which you copy to an SD card, put in your Pi, connect to a monitor or TV for an out of this world live feed from the International space station, watching the sunrise it truly magnificent. 


Volumino
Limitless internet radio stations to listen to whatever your taste in music. I found "volumino" to be a great choice to write to an SD card, you will need some sort of Pi add-on to connect to speaker/s such as a Pirimoni speaker hat or for more power a Hi-Fi Berry amp, a nice simple interface, set your board type and wireless settings from your PC, phone or tablet, then lay back and enjoy a bit of Zen radio, bliss!


Retro Pi
The amount of games available for the Retro Pi image is staggering, I have a 32gb SD card almost full! Add different rom's once you have set up the main Retro Pi image for a trip back in time to Sonic the hedgehog or a classic ZX Spectrum game.


Pi Desktop
The latest Raspbian pixel image is perfectly usable for an every day computer now, the early Pi's were slow but the Pi 3 with Raspbian is a lot more polished, decent learning software by default and Minecraft is always great fun.

Router security part 3 (Quad9)

You know how DNS works from part 2, so now it how to change your DNS. my favourite 2 providers: 1 Open DNS family friendly. great fo...