sci.electronics.repair@googlegroups.com

Google Groups

"Mayayana" <mayayana@invalid.nospam>: Dec 23 12:03PM -0500 | > First, do you have a good, long password for | > your router? You should. Maybe 20 characters. | | The thing is that most routers don't allow a password greater | than 8 characters (from my experience). Sure, they'll *let* | you type a long password - but they'll take anything (or nothing) | after the first 8 characters. | | Try it. That's how "my" router works. |   I tried it. I entered the first 13 characters. It didn't let me in. I've never heard of an 8-char limit.   | > You didn't mention what computers you have. | > Assuming Windows... | | Oh, I have everything. Windows. Linux. OS/X. iOS, Android. | Printers. And other devices (like the playstation). |   I don't see any scanning or contact in my logs, but I also only use computers, with no networking, and get informed by my firewall about unrequested incoming. You may not have much option with Playstation. I assume it's not under your control. But you should have firewalls on your computers that will drop incoming requests. (Though that's one of the many shortcomings of Linux in my book. Last I checked, Linux firewalls could stop incoming but didn't monitor outgoing.)

Oren <Oren@127.0.0.1>: Dec 23 09:07AM -0800 On Wed, 23 Dec 2015 09:54:05 -0500, "Paul M. Cook" <pmcook@gte.net> wrote:   >Once the attacker is on the router, they can potentially get to any >computer or monitor anything or watch or whatever the reason they >got in for.   ...and run a packet sniffer that captures passwords, network traffic, etc. into a log file.   <http://netsecurity.about.com/od/informationresources/a/What-Is-A-Packet-Sniffer.htm>

Adrian Caspersz <email@here.invalid>: Dec 23 05:19PM On 23/12/15 03:55, Paul M. Cook wrote:   > But, I see the following (suspicious?) activity in my log file: > [LAN access from remote] from 93.38.179.187:9000 to 192.168.1.5:9000, Saturday, Dec 19,2015 06:42:41 > [LAN access from remote] from 177.206.146.201:9000 to 192.168.1.5:9000, Saturday, Dec 19,2015 06:41:54 ...   Informational logs, not a warning or critical error.   > Can you advise me whether I should be worried that there are many > LAN accesses from a remote IP address to a kid's Sony Playstation? > *****************************************************************   It's how the games can only work. Your uPNP enabled router is port forwarding that incoming traffic to a specific machine on your LAN, your kid's playstation. It would take a flaw, or a hack, in your router for this traffic to go anywhere else.   Personally, I wouldn't have a problem with it.   Try playing about with anything that uses peer-to-peer services like Skype, Spotify or torrent programs and you'll see much the same logs.   Have your kid take a break from that game and you both have a read of the following Microsoft ebook on   https://www.microsoft.com/en-gb/download/details.aspx?id=1522 or http://www.ownyourspace.net/   -- Adrian C

"Mayayana" <mayayana@invalid.nospam>: Dec 23 12:21PM -0500 | > That's interesting. I didn't know routers kept logs. Did | >you find that by logging in to the "control panel"? | | No, the control panel is on the computer. | | You have to go to the router. The address is in the manual. In | D-link and I think maybe all of them it's http://192.168.0.1   Yes. That's what I was referring to. I think of it as a control panel. I'm not sure whether it's called that. My web host, too, calls it a control panel when I log in.   | > | > I used to get a lot of attempts to get into my computer | >when I had dialup. That mostly stopped with cable, though | >I have caught my cable company, RCN, trying to get | | I had RCN too, dialup, but after years of their promising high-speed, | I decided they were kidding, so I had to go to Verizon. | | They said I could have email only, with no access to the net, for 3 a | month, but then 4 months later, with no warning, they took away my | ability to send email, and because of the way Eudora is set up, it's | not totally obvious how to change the settings to send only via | Verizon. (They also did 3 other bad things to me. And currently, | if my credit card number changes and the automatic payment doesn't | work, they told me I had told them not to send either an email or a | postal mail. I never said that. So 3 times over several years | they disconnected me with no warning, and one time they threw away all | my email, including any I hadn't downloaded yet. | | Later they raised it from 3 to 4 a month. | | Now if they won't notify me both ways, I asked to be notified by | email, but they said they won't do that. it's an email company but | they won't notify me by email. | | How has your customer service been? |   I've found the service to be very good. Customer service is 24/7, and seems to be American. Recently we got an upgraded modem because speeds were slow, and that seems to have fixed it. In the process they accidentally disconnected my separate RCN phone wire. But then they came the next morning and upgraded that as well, for free.   My only complaint is that they periodically raise the price for no reason. But then if we call up they agree to lower it again. ?? It seems to be the new strategy: Fleece the customer base and then be nice to anyone who complains. I suppose a lot of people are now on auto-payment and don't notice. Considering complaints I hear from customers of other companies, I feel very content with RCN. But I never had dialup with them.   I get ads about every two weeks for Verizon FIOS. They have several inches of tiny fine print, in light gray, that I can't even read with glasses on. There's no way to find out the actual cost of the service. It's like an ad out of a cartoon. I have no need for FIOS, anyway. Recently a salesman came to the door. He wanted to tell me that Verizon had some spiffy new wiring and that I should switch. I told him how Verizon keeps sending ads but won't even tell me what the product costs. He miled and said, "That's why I'm here." Then I said goodbye to him and closed the door. They must be making very big profits to justify sending out salesmen.   But that problem is not just with Verizon. A couple of years ago I went around to cellphone providers to find out what a basic plan costs. ATT/Verizon/Sprint/T-Mobile. All of them had plans starting at $40. Not one could/would tell me what the actual bill would be after the various scam fees and taxes were added on.

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:39PM -0500 On Wed, 23 Dec 2015 08:22:08 -0800, Oren wrote:   > Personally, I would turn off DHCP and manually give each machine a > static IP number.   I have never not used DHCP.   How do we do assign permanent IP addresses when devices come on and off the network all the time?   Do we attach the IP address to the MAC address of the device?   For example, if the Android phone is MAC address DE:AD:BE:EF:CA:FE, do we attach the IP address 192.168.1.10 to *that* MAC address from the router?   Or, is there some other way of doing it from the device itself?

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:41PM -0500 On Wed, 23 Dec 2015 09:07:46 -0800, Oren wrote:   > ...and run a packet sniffer that captures passwords, network traffic, > etc. into a log file.   I have run wifi-radar, kismet, and iwscanner, but the output is horrendously cryptic.   I hear there is Wireshark, AirShark, netstumbler, & netcrumbler, so, maybe one of those has easier to read output?

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:42PM -0500 On Wed, 23 Dec 2015 11:19:48 -0500, Micky wrote:   > I tried that but it highlighted the whole page, not just the data.   > So it was easier to use to the cursor to choose what to highlight.   In any browser session, you can also use "control F" and then type in what you're looking for.   Then select just that which you found.   F3 moves to the next find. Shift F3 moves backward to the previous find.

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:43PM -0500 On Wed, 23 Dec 2015 11:19:48 -0500, Micky wrote:   > Plus there are 20 pages of data, each requiring separate copying, so I > was hoping to get all 20 pages in one email.   Makes sense.   Let me know if you figure out the email because I didn't figure it out myself on mine, and my firmware is fully up to date.

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:46PM -0500 On Wed, 23 Dec 2015 11:24:52 -0500, Micky wrote:   > So that means it's an Apple device, like an iphone.   > Not that it's someone working at Apple, inc.!   If you can get an IP address like I did on my router logs, you can run a "whois" command which will reverse IP check.   https://duckduckgo.com/?q=reverse+ip+address+lookup   If it's coming from Apple, whois will tell you that.   Of course, most of the time "I" run it, the IP address is coming from China, but even that can be spoofed with VPN or some other means.

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:46PM -0500 On Wed, 23 Dec 2015 12:03:34 -0500, Mayayana wrote:   > I tried it. I entered the first 13 characters. It didn't > let me in. I've never heard of an 8-char limit.   Are we talking about the ROUTER "admin" password? Or are we talking about the ESSID encryption passcode?   They're different things. "I" was talking about the router admin password.

Oren <Oren@127.0.0.1>: Dec 23 09:53AM -0800 On Wed, 23 Dec 2015 12:39:11 -0500, "Paul M. Cook" <pmcook@gte.net> wrote:     >How do we do assign permanent IP addresses when devices come on and >off the network all the time?   >Do we attach the IP address to the MAC address of the device?   <https://tinyurl.com/hkqsa3t> The first link includes computers and gaming consoles.   >do we attach the IP address 192.168.1.10 to *that* MAC address from >the router?   >Or, is there some other way of doing it from the device itself?   Can't speak for the phone, sorry.

"Paul M. Cook" <pmcook@gte.net>: Dec 23 12:54PM -0500 On Wed, 23 Dec 2015 09:20:13 -0700, Tony Hwang wrote:   >> 1. The Admin password? >> 2. The SSID WPA2/PSK passphrase?   > PSK? How about AES?   I think you're talking about different things that have nothing to do with each other.   AFAIK, WPA2 is the strongest "we" can generally get (being normal homeowners and not corporations) on our routers.   For us, the PSK (pre-shared key) is the way "we" homeowners do WPA2. It just is.   However, if we were a corporation, we could do more with WPA2 than pre-shared keys, which, I don't remember what it's called, but it's some kind of rotating or assigned key that the IT department of the company can manage (instead of the router).a   What you seem to be talking about is the difference between various security options, such as: * WPA-PSK [TKIP] * WPA-PSK [AES] * WPA-PSK [TKIP] + WPA-PSK [AES]   All of those above are WPA2/PSK.

Oren <Oren@127.0.0.1>: Dec 23 09:59AM -0800 On Wed, 23 Dec 2015 12:41:36 -0500, "Paul M. Cook" <pmcook@gte.net> wrote:   >horrendously cryptic.   >I hear there is Wireshark, AirShark, netstumbler, & netcrumbler, >so, maybe one of those has easier to read output?   Encrypted packets will be scrabbled, so it is even more secure...   "...Another way to protect your network traffic from being sniffed is to use encryption such as Secure Sockets Layer (SSL) or Transport Layer Security (TLS). Encryption doesn't prevent packet sniffers from seeing source and destination information, but it does encrypt the data packet's payload so that all the sniffer sees is encrypted gibberish. Any attempt to modify or inject data into the packets would likely fail since messing with the encrypted data would cause errors that would be evident when the encrypted information was decrypted at the other end."

"Mayayana" <mayayana@invalid.nospam>: Dec 23 01:27PM -0500 | Are we talking about the ROUTER "admin" password? | Or are we talking about the ESSID encryption passcode? | | They're different things. | "I" was talking about the router admin password. |   Yes. I don't know why people are making this so complicated. There have been cases of routers being hacked, sometimes because they're set with default passwords that don't get changed. Not a big issue. Just one thing to make sure you have covered.

"Danny D." <dannydiamico@gmail.com>: Dec 23 07:50PM Micky wrote, on Wed, 23 Dec 2015 11:24:16 -0500:   > I noticed that because some families have so many wireless devices, > they've redesigned routers and now many are 100 to 200 dollars.   You can't go wrong with almost any "ac" router nowadays. An "ac1200" router will be just fine for almost any household.

"Danny D." <dannydiamico@gmail.com>: Dec 23 08:06PM Don Y wrote, on Wed, 23 Dec 2015 12:57:02 -0700:   > access control you expect to gain from *hiding* it is laughable! > Likewise, making it "obscure" -- "sdsf0gl9k2345s0d" -- won't > buy you anything.   Jeff Liebermann knows this stuff much better than I do, but here is what he taught me.   WORSE THAN YOU SAID:   1. If you hide your SSID, then your laptop has to look for it on purpose, which it dutifully does (that's how it finds it). However, that also means that when you boot your laptop at Starbucks, it *still* looks *first* for your hidden IP (because your laptop has no idea you're at Starbucks yet). Only after your laptop can no longer find the SSID it wanted first, does the laptop look for *other* broadcast SSIDs.   Hence, you have *worse* privacy at a hotspot when you decide to not broadcast your SSID at home.   MOSTLY TRUE WHAT YOU SAID: 2. Making your SSID obscure is critical if you want to stay out of rainbow hash tables. Anyone who knows YOUR SSID already can download a hash table that allows them to log into your router using the SSID as a "salt".   So you really really really want to have a UNIQUE ESSID! https://security.stackexchange.com/questions/92903/rainbow-tables-hash-tables-versus-wpa-wpa2   MORE CONSIDERATIONS: 3. In addition, you don't want your unique ESSID to pinpoint you, so don't name it after your last name or your address.   4. One more thing, the BSSID (i.e., the MAC address) of your router is what Google puts into its database when that spycar drives down your road. Short of putting up a sign saying "private road", you can't stop them from driving past your home and gathering your BSSID and those of your neighbors.   One thing you can do is change your ESSID to have "_nomap" on the end of it, which Google says they won't keep. Yes, I know, they expect the entire world to opt out manually that way, which is silly, but that's what they do.   Otherwise, you'll need to change *both* your ESSID and your BSSID (MAC address) periodically, so that Google databases no longer have accurate records. (You can't do anything about your stupid neighbors though, so, you're already doomed.)

Micky <NONONOmisc07@bigfoot.com>: Dec 23 03:42PM -0500 On Wed, 23 Dec 2015 12:43:31 -0500, "Paul M. Cook" <pmcook@gte.net> wrote:     >Makes sense.   >Let me know if you figure out the email because I didn't figure it >out myself on mine, and my firmware is fully up to date.   Well, I just googled and there is something called SMTP Server / IP Address     How to Find My SMTP Server IP Address http://www.ehow.com/how_5810894_smtp-server-ip-address.html Click "Start," then "Run" and type "cmd" in the box that appears.   Press enter. A command window will appear.   Type "ping," a space and then the name of your SMTP Server. For example, type "ping smtp.server.com" and press "Enter." The window will then try to contact the SMTP server by the IP address. It will say, "Pinging x.x.x.x with 32 bytes of data." The "x.x.x.x" will be the SMTP server's IP address.     So I'm debating whether I should put [ ] around the number and then it turns out, even without the [ ] there isn't enough room for the entire number!! Even thnough it's the standard length 3,2,3,3 = 11 plus 3 dots. So I removed the smtp value and put only the IP address, and sent it, and that didnt' work either.

Sam E <why.should.this@be.email.invalid>: Dec 23 02:50PM -0600 [snip]   > Encrypted packets will be scrabbled, so it is even more secure...   Scrabbled? You mean your router adds randomly-chosen letters to make new words?   [snip]   -- 2 days until the winter celebration (Friday December 25, 2015 12:00:00 AM for 1 day).   "[O]ld beliefs die hard even when demonstrably false." Edward O. Wilson, Consilience: The Unity of Knowledge, (First edition, New York: Alfred A. Knopf, 1998), p. 256.

Oren <Oren@127.0.0.1>: Dec 23 01:02PM -0800 On Wed, 23 Dec 2015 14:50:21 -0600, Sam E   >> Encrypted packets will be scrabbled, so it is even more secure...   >Scrabbled? You mean your router adds randomly-chosen letters to make new >words?   My bad. I should have said gibberish that looks like Japanese arithmetic.

John Robertson <spam@flippers.com>: Dec 23 02:05PM -0800 On 12/23/2015 7:06 AM, Paul M. Cook wrote:   > What is worrisome is that some of the entries don't come from > what I'd expect an online game to come from, e.g., Brazil, > Mexico, Japan, France, etc.   Turn OFF PING BACK.   In case it isn't already off. Then ask your IP for a new address - which can be as simple as turning off your broadband router for five minutes.   John :-#)#   -- (Please post followups or tech inquiries to the USENET newsgroup) John's Jukes Ltd. 2343 Main St., Vancouver, BC, Canada V5T 3C9 (604)872-5757 or Fax 872-2010 (Pinballs, Jukes, Video Games) www.flippers.com "Old pinballers never die, they just flip out."

Bennett <bjprice@cal.berkeley.edu>: Dec 23 11:57AM -0800 On 12/23/2015 5:09 AM, Tim R wrote: > http://www.dallasmusic.org/schilke/Brass%20Clinic.html > which is the one under discussion currently. You can see there is no date, no description, no publication, it's just a handout from a sales convention. > The other one is the famous Conn study which suffers from the same absence of the actual original report so it gets quoted by both sides.   Warning Off topic:   Thanks for the references. (I found the 'effect of lacquer' portion of Schilke's article really interesting and perhaps even convincing as my girl friend is considering de-lacquering her french horn) I play clarinet and the same sort of controversy exists for woodwinds - grenadilla vs. rosewood vs. delrin vs. ebonite vs. rubber, etc. In clarinets, it is clear that the performers are much more important than the composition of the instrument on which they're playing. But it's almost next to impossible to compare apples to apples since, as with brass instruments, the clarinets made of different materials also have different bore dimensions, undercutting, and other dimensional variations. And of course even with 2 instruments made of identical materials, one may cost $300, the other ten times as much. And 2 'identical' instruments, same make/model/vintage, may have subtle differences, particularly in intonation.

"Robert Green" <robert_green1963@yah00.com>: Dec 23 01:31PM -0500 "Poutnik" <poutnik4nntp@gmail.com> wrote in message news:n5df7m$4ro$1@dont-email.me... > from Russian so-, s- "with, together" + put' "path, way," from Old > Church Slavonic poti, from PIE *pent- "to tread, go" (see find (v.)) + > agent suffix -nik.   How about "KAPUTNIK"? Which I first heard in the Coen Brothers' " Miller's Crossing" - do you know its meaning?   -- bg

Poutnik <poutnik4nntp@gmail.com>: Dec 23 07:51PM +0100 Dne 23/12/2015 v 19:31 Robert Green napsal(a):   > How about "KAPUTNIK"? Which I first heard in the Coen Brothers' " > Miller's Crossing" - do you know its meaning?   I do not think it has Slavic origin. It is probably related to kaput .   http://etymonline.com/index.php?allowed_in_frame=0&search=kaput   -- Poutnik ( the Czech word for a wanderer )   Knowledge makes great men humble, but small men arrogant.

Chuck <ch@dejanews.net>: Dec 23 01:09PM -0600 On Wed, 23 Dec 2015 13:31:36 -0500, "Robert Green"   >KAPUTNIK It was a name of a character in 1960s Mad magazine.   --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

Chuck <ch@dejanews.net>: Dec 23 01:04PM -0600 On Wed, 23 Dec 2015 04:52:13 -0800 (PST), John Heath   >> ... Phil   >There is a third option. Stop being a hero. You can not fix everything. Phone the customer and say this is a tricky problem and that they are better off taking it to the manufacturer for service. You will lose money but gain some cookie points for being honest. Better still the manufacturer is now spinning their wheels trying to fix it not you which the way it should be if it is a design problem.     Many times in the past it is the warranty stations that figure out what the design fault is and the modification that needs to be done and notifies the manufactuer.   --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus

You received this digest because you're subscribed to updates for this group. You can change your settings on the group membership page. To unsubscribe from this group and stop receiving emails from it send an email to sci.electronics.repair+unsubscribe@googlegroups.com.