Archive for the 'Linux' Category

OpenWRT on ASUS WL500gP - Router on Steroids!

I was tired of my old Netgear wireless router, since I had to reset it every…hmm lemme think…1hr!! and I used to go crazy walking to it in the other room to reset it. But finally it's all over: I got myself a nice and shiny new ASUS WL500g Premium. Trying to find it at SimLim Square was kind of a pain in the arse, considering only one shop had it. The primary reason I wanted to get this particular router was that it has 2 USB ports (called Storage Link in Linksys terminology), making it somewhat of a NAS (Network Attached Storage). The firmware provided was all good, but I needed something better, and what better than OpenWRT (http://www.openwrt.org), the open-source Linux OS for routers, initially made for the Linksys WRT series routers but later ported to routers made by ASUS, Buffalo etc. To make it clearer, this is what the creators of OpenWRT have to say about it.

"OpenWrt is described as a Linux distribution for embedded devices.

Instead of trying to create a single, static firmware, OpenWrt provides a fully writable filesystem with package management. This frees you from the application selection and configuration provided by the vendor and allows you to customize the device through the use of packages to suit any application. For developers, OpenWrt is the framework to build an application without having to build a complete firmware around it; for users this means the ability for full customization, to use the device in ways never envisioned."

What makes OpenWRT so great?

Well, it depends on how much you love the word "Freedom". It lets you install everything from an OpenVPN Server, Web Server, FTP Server, Samba Server or a simple NAS server, and the best part is it's worth around 179 SGD and you get a low-end server which always stays on. You could even use it as a BitTorrent or an eMule client to download stuff off P2P without even having to switch on your PC. It comes with all the goodies provided by the Linux 2.4 kernel.

Another project that complements OpenWRT is X-Wrt (http://www.x-wrt.org), which is a web interface to configure OpenWRT-based systems.

To get started I used the image http://downloads.x-wrt.org/xwrt/firmware_images/whiterussian/0.9/latest-daily-build/openwrt-brcm-2.4-squashfs.trx
which comes pre-built with X-Wrt packages. And I used the TFTP method mentioned in the OpenWRT Wiki to update the firmware:

1. Connect your PC to the router using one of the LAN ports on the router.

2. Set your PC's IP to a static IP (ex: 192.168.1.10)

3. Unplug the power cord on the router

4. Push the RESTORE (not the red EZsetup!!!!) button on the router using a pen or such, and keep the button pushed down.

5. Plug in the power on the router while keeping the (black) RESTORE button pushed for a few seconds.

If you see a slowly blinking power light, you’re in diag mode. Now the router should accept an image via tftp.

6. On the PC open up a cmd window.

7. Type "tftp -i 192.168.1.1 PUT openwrt-brcm-2.4-squashfs.trx" and press enter in the command window.

8. After the tftp upload is complete, wait at least 6 minutes. The Asus WL-500gP doesn’t seem to reboot automatically after the upgrade is complete. You need to unplug the power and plug it back in to bring the router back to life.

After the router is back up, go to http://192.168.1.1 to get access to the X-Wrt management interface.

And don’t forget to use the mighty SSH to log in to the router and let your imagination run wild!

 

w00tw00t.at.ISC.SANS.DFind

Well, I’ve been having this problem for a long time, with script kiddies trying to run scans on my server with Dfind (http://class101.org).

These are some of these requests from the Apache server logs:

/var/log/httpd/access_log.2:80.237.172.185 - - [05/Mar/2007:09:20:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.2:83.71.188.242 - - [05/Mar/2007:16:25:40 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.2:213.254.226.49 - - [06/Mar/2007:05:11:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.2:216.30.246.14 - - [09/Mar/2007:08:56:12 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.3:80.237.211.76 - - [25/Feb/2007:07:46:16 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.3:83.71.188.242 - - [25/Feb/2007:17:51:23 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
/var/log/httpd/access_log.3:80.237.172.185 - - [27/Feb/2007:05:42:20 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400

 

All this while I’ve been lazy :D , but today I felt like trying something to fix it. What I’ve come up with is this:

grep "w00tw00t" /var/log/httpd/access_log*|awk '{print $1}'|sed 's/\(.*\)://g'|sort|uniq|cat /etc/apf/deny_hosts.rules -|sort|uniq

 

This is one of the things I wrote to get the list of all the IPs from the Apache access logs that have been running these scans. The purpose of this is to feed these IPs to APF (http://www.rfxnetworks.com/apf.php); the output of this is pumped to /etc/apf/deny_hosts.rules to block any of these lamers from further accessing my server ^_^

Only problem is, for some strange reason, I couldn’t pipe the output of the command directly to /etc/apf/deny_hosts.rules. The file always ended up with the output of "grep "w00tw00t" /var/log/httpd/access_log*|awk '{print $1}'|sed 's/\(.*\)://g'|sort|uniq". Well, maybe I’ll figure it out sometime later. SLEEPP!! awaits!!
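Redirecting that pipeline with > /etc/apf/deny_hosts.rules makes the shell truncate the file before cat reads it, which matches the symptom described above; the added example below (not the author's script) writes to a temporary file and renames it, and only accepts dotted-quad addresses from the log. The function names and the sample log lines (documentation-range IPs) are constructed for illustration.

```shell
#!/bin/sh
# Added example, not the post author's script. Log lines below are constructed.

# Print the unique client IPs that requested the DFind probe URL.
# grep -h drops the "filename:" prefix, so the sed step is not needed.
scanner_ips() {
    grep -hF 'GET /w00tw00t.at.ISC.SANS.DFind' "$@" 2>/dev/null |
        awk '$1 ~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/ { print $1 }' |
        sort -u
}

# Append IPs not already listed to the deny file ($1); remaining args are logs.
# Output goes to a temp file first: "cmd ... deny > deny" would let the shell
# truncate the deny file before cat ever reads it.
merge_deny() {
    deny=$1; shift
    [ -e "$deny" ] || : > "$deny"
    tmp=$(mktemp "$deny.XXXXXX") || return 1
    # awk prints the existing file unchanged (comments and order kept),
    # then only those stdin lines it has not seen yet.
    scanner_ips "$@" |
        awk 'NR == FNR { seen[$0] = 1; print; next } !seen[$0]++' "$deny" - > "$tmp" &&
        mv "$tmp" "$deny"
}

# Demo on constructed data in a scratch directory.
demo() {
    dir=$(mktemp -d) || return 1
    printf '%s\n' '# constructed deny list' '192.0.2.10' > "$dir/deny_hosts.rules"
    cat > "$dir/access_log.1" <<'EOF'
192.0.2.10 - - [05/Mar/2007:09:20:47 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
198.51.100.7 - - [05/Mar/2007:16:25:40 -0800] "GET /w00tw00t.at.ISC.SANS.DFind:) HTTP/1.1" 400 299 "-" "-"
203.0.113.5 - - [06/Mar/2007:05:11:47 -0800] "GET /index.html HTTP/1.1" 200 512 "-" "-"
EOF
    merge_deny "$dir/deny_hosts.rules" "$dir"/access_log* && cat "$dir/deny_hosts.rules"
    rm -rf "$dir"
}
demo
```

On the real server the call would be merge_deny /etc/apf/deny_hosts.rules /var/log/httpd/access_log*, run as a user allowed to write in /etc/apf; the renamed file gets mktemp's owner-only permissions.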

IP VPN with Hamachi

Want to set up a VPN but don’t have the time, or you are just plain old lazy to set up something like OpenVPN? Well then, Hamachi is for you! Hamachi is a zero-configuration virtual private networking application with an open security architecture and NAT-to-NAT traversal capabilities. OK, why a VPN, you ask? An IP VPN is a partitioned private network constructed over a shared IP-based backbone that utilizes technologies to ensure privacy of data, so you can set up your own private network over the internet and still communicate with the peers securely. You can set up a VPN just to do something as simple as playing a multi-player game over the internet and simulate a local LAN. Setting up Hamachi is a piece of cake! Just download the Windows installer if you use Windows, or get the tarball of the binaries for Linux. Setup is as simple as running the installer and you are all set to go :b

But Hamachi is not a replacement for something like OpenVPN; it still has some disadvantages:

- depends on a third-party mediation server

- if necessary, you can firewall your Hamachi connection (although this sort of negates the convenience of not having to open up ports on your computer for certain games that you would have if you don’t firewall your Hamachi-NIC: the regular NIC would still be firewalled without problems as things are being tunneled), but firewalling your connection is global for ALL Hamachi networks you have joined, whereas OpenVPN creates a separate virtual NIC for each "network" that you and your peers create

- some games act up with the predefined 5.0.0.0 mask 255.0.0.0 network, which in Hamachi you cannot change, although a workaround would be IPX on all Hamachi clients if the game supports it. In OpenVPN you decide any IP ranges and settings yourself

- so far, Hamachi cannot be "bridged" with other NICs on your system like you can with OpenVPN, or at least I haven’t been able to

- perhaps Hamachi cannot be forced into promiscuous mode which is necessary for this to work or simply refuses to use static IP addresses if you manually enter the 5.0.0.0 address

- no Windows 98 support, which some gamers still use especially with older games that require IPX or even NetBEUI.

You can get Hamachi from http://www.hamachi.cc/

So what are you waiting for? go, give it a try! :D