Networking Connect all your devices and enjoy the perfect home network
Your Wi-Fi problems solved
The best advice for Windows, Mac and Linux
6 | The Ultimate Networking Handbook
Contents At Home Network your home, share files, fix your Wi-Fi and more 10 12 22 26 38 50
Set up your PC network Networking secrets revealed Manage your network with free tools Get super-fast Wi-Fi in every room! Banish all wires Stream machines
The Cloud Use online storage and apps to their full potential
58 64 68 72 82 84
One drive to rule them all Store files in Google Drive Harness G Suiteâ€™s power iCloud Secrets Make apps better with IFTTT Make more of Dropbox
Easy Projects Take control of your network with these hands-on ideas 88 98 100 102 104
Protect your privacy Control your PC remotely Share your net connection Access your PC from an iPad Hack a wireless router
Advanced Projects More involved projects for the true networking wizard 110 114 118 122 126 132 134 138
Stream TV with a Raspberry Pi Detect and record movement Build a PiBot monitor Set up a gateway Build the perfect media server Codecs explained Set up your own cloud service Homebrew your own NAS
The Ultimate Networking Handbook | 7
8 | The Ultimate Networking Handbook
Contents | At Home
At Home Network your home, share files, get better Wi-Fi and more 10
Set up your PC network Connect to multiple networks easily in Windows 10
Networking secrets revealed The fixes for poor range and connections are often simple
Manage your network with free tools Diagnose reoccurring problems quickly with these smart solutions
Get super-fast Wi-Fi in every room! Wi-Fi is the most important part of any home network, and often the most problematic
Banish all wires Wi-Fi networking is very simple – until it’s not!
Stream machines In-home game streaming has truly arrived, but it’s a Wild West of new tech
The Ultimate Networking Handbook | 9
At Home | Network Tools
Manage your network with free tools Are you having annoying network issues? Diagnose them quickly and easily with these lightweight utilities
Network Stuff Finding out what’s happening on your network normally involves lots of tools, yet Network Stuff (downloadable from http://jacquelin.potier.free.fr/ networkstuff/) manages to cram them all into one portable application. It’s strong on the basics – for instance, it can display your IP addresses, scan your network for other systems, reveal MAC addresses and run graphical ping or traceroutes. Network Stuff can also display all your open network and internet connections, as well as use built-in Whois and DNS tools to get more information on IP addresses. It can even remotely wake up or shut down other systems on your network.
“Changing your DNS settings can improve your online security – it could even give you access to sites you couldn’t reach otherwise”
DNS Jumper Changing your DNS settings can improve your online security – it could even give you access to sites you couldn’t reach otherwise, and improve your browsing speed. And that’s where a utility such as DNS Jumper (from www.sordum.org/7952/dnsjumper-v2-0/) can help. This tool comes with a list of DNS alternatives, too. If you’re not sure which is best for you, it can test them all to find the fastest. When you’re happy, it applies your preferred DNS settings in one click – the program can even back up and restore your original settings to reduce the chance of future problems.
22 | The Ultimate Networking Handbook
Network Tools | At Home
RawCap Packet sniffing – capturing network traffic for analysis – can be invaluable when diagnosing network problems, and there aren’t many programs that make it as easy as the very lightweight RawCap (from www.netresec.com/?page=RawCap). The program is a command line tool but it’s also easy to run from Explorer. Just double-click the file, choose your network interface, enter an output file name, and that’s it – the program captures raw packets and saves them in a pcap file. Unsurprisingly for a 20KB tool, there’s no help here to interpret what the results mean, but you can open the file in Notepad, too, which will give you a start in analysing the results.
Fast Software Audit If you manage a PC network, you’ll know it’s important to keep track of the software your users are installing. You could check this manually, or invest in some big corporate inventory tool, but the ultracompact Fast Software Audit – which is portable and only 160KB – could be what you’re looking for. Just enter the network names of the computers you’d like to audit and it scans them, revealing the list of installed applications. However, keep in mind that your systems need the Remote Registry service to be running for this to work. Download Fast Software Audit from www.cjwdev.co.uk/Software/ FastSoftwareAudit/Download.html.
CloseTheDoor Portable When you want to secure your network, it’s important to understand which processes are listening for connections, and the portable CloseTheDoor (from http://closethedoor.sourceforge.net) tells you everything you want to know. With this tool you can check the network interface, ports, protocols and related Windows services. All this info can seem baffling at first, but CloseTheDoor can help. Right-click something and you’ll find options to search the web for information on the process, port and how it’s generally used.
BlueLife Hosts Editor The HOSTS file can be used to tell Windows the IP address of various network or internet resources, which enables you to improve performance or block some sites or resources. Windows doesn’t make it easy to access HOSTS but BlueLife Hosts Editor provides all you need. Download it from www.sordum.org/8266/bluelifehostseditor-v1-1/, launch the program to view your HOSTS file, then add or remove entries to suit your need. But be warned – if you try to block a site you’ve just visited, it looks like the app is not working, because Windows will have cached the previous IP address. Save the new file, click ‘Flush DNS’ and everything will be okay.
The Ultimate Networking Handbook | 23
At Home | Go Wireless
Banish all wires
Wi-Fi networking is very simple – until it’s not! But we’re here to help…
ou could be forgiven for thinking that wireless networking is a breeze, if all you want from it is to connect your PC, tablet, and smartphone to the internet to surf, email and download apps. But if you live in a house with thick walls, need access from different rooms or an outbuilding and regularly transfer large files, you’ll know that optimising your network is essential. So should you keep the router your broadband provider gave you or invest in a new one? How do you extend the network’s range? Should you set up and bridge up a second network? What about security? One addition to consider if you’re having trouble accessing your router wirelessly from a room or section of the house is to use Powerline to bridge the gap. By using your mains electric circuit to carry data, Powerline allows you to access your router from anywhere there’s a power socket; just plug one adaptor into a power socket next to your router, and connect it to the router with an Ethernet cable. Plug another adaptor into a power socket in the room from which you want to connect. Then you can either connect a laptop directly to
2 Extend the network range
the adaptor with an Ethernet cable, or buy an adaptor with a built in Wi-Fi access point so you can connect to it wirelessly. Alternatively, you can connect a wireless access point to the second Powerline adaptor via an Ethernet cable.
You now know how to extend the range of a wireless network using Powerline, but if you’d rather stay completely wireless, there are other options. You could move your router; generally the higher (without being too close to the ceiling and more central in a room) the better. Keep it clear of walls for a better signal; don’t stick it in a corner, on the floor or behind the sofa! You could also upgrade its antennae (if it has external antennae), or even make your own parabolic reflector (for more information, visit instructables.com/id/DIY-WIFI-AntennaReception-Booster) that attaches to the antennae and bounces the signal in the direction of your device. If your router is old and doesn’t support current standards, you could buy a new one, connect it your DSL modem/router by Ethernet (if you don’t want to invest in a new modem/ router or you’re a cable customer) and set it to bridge mode, and then use it as your wireless access point.
1 Set up a guest network
You may want to allow guests to get online using your wireless router (but don’t want to allow them to access the rest of your network – printers, network storage, computers and more). The solution? Create a guest network. Most modern routers allow you to do this; with an Apple router, for example, click the Wireless tab of AirPort Utility and then click the checkbox next to Enable Guest Network. Give it a name and password and click Update. Guests, with the password, can now use that network. Don’t leave it unsecured for convenience – anyone walking past your house or parked outside could use it to access the internet.
38 | The Ultimate Networking Handbook
Go Wireless | At home Buying a wireless repeater or extender may seem like an obvious solution, but it comes with flaws. The idea is that the wireless repeater sits at the outer edge of your network and re-broadcasts the signal. One problem is that Wi-Fi signals are omni-directional, so as well as chucking the signal further outwards, the repeater also chucks it back towards your router, causing interference and potentially degrading the signal. Since repeaters need to be close to the original access point to be effective, this somewhat defeats the object. Finally, Wireless Distribution System (WDS), used to connect access points to each other wirelessly, doubles the number of ‘hops’ needed to connect to the main network; one hop from your device to the extender and another from the extender to the router. Because the repeater has to receive incoming hops and transmit outgoing ones, its capacity – and that of your connection – is effectively halved compared to connecting directly to the router.
3 Add a network in the shed
Sometimes it’s worthwhile setting up a second network, rather than bridge an existing one. In our example on the left, we have an wireless access point in the shed connected to a Powerline adaptor, while in the house another Powerline adaptor is connected to the main router. The access point is set to Bridge mode and has a different SSID to the router. Radio mode and channel selection (often hidden behind Wireless Options in the configuration utility) are set to automatic. Most of the time, devices automatically connect to the access point with the strongest signal, but having a separate SSID, and in effect a second network, allows the user to easily see which access point is connected and manually change it if necessary. Printers, NAS boxes, and other devices connected to one access point can still be accessed by a computer, smartphone, or tablet connected to the other. This is similar to roaming, but in that case, you’d set the SSIDs to the same name and have just one network.
4 Buy a different router
If you’ve recently switched broadband provider, or have upgraded to your existing provider’s latest router, you don’t need to worry about upgrading. Most ISPs (including BT, Sky, and Virgin) have excellent wireless routers that offer the latest 802.11ac protocol and dual-channel access. If you have an older router, however, it may be time to think about upgrading. Features like simultaneous dual-channel (see right), 802.11ac support, multiple antennae (external antennae offer more flexibility in positioning but internal are neater), and a WAN port with support for at
least ADSL2+ should be at the top of your list. The best modem/routers support VDSL at speeds up to 100Mbps, have a 3x3 antenna array and support wireless network throughput up to 450Mbps. The best routers will set you back around £150, although you’ll have to pay a little more (£169 from Apple) if you want an AirPort Extreme Base Station.
5 Make sure you’re secure
Wireless network security is a growing issue. We’ve had reports of problems with public Wi-Fi networks being used to steal private data (never connect to your online bank or any other site that requires a secure connection from a public Wi-Fi hotspot, even over a secure connection). If you must access sensitive information from a public hotspot, use a VPN. Some providers, such as BT (btwifi.com/ help/security/vpn-software.jsp) offer free VPN software for download to your Mac, and a profile that you can install on an iOS device. Connect to the hotspot using a VPN and everything you send will be encrypted before it reaches the public Wi-Fi network.
“Sometimes it’s worth your while setting up a second network rather than bridging an existing one” To secure your own Wi-Fi access points, choose WPA2 as the security method and choose a strong password. Don’t keep the SSID or the password given to you by your broadband provider – the same applies to the username and password for your router’s admin webpage. You could prevent your router from broadcasting its SSID, so no one in your neighbourhood will know you have a wireless network (technically the SSID could be ‘sniffed’ – but that’s unlikely). This, however, is the kind of occasion when the security benefits are outweighed by inconvenience – you have to manually type the name of your network every time you want to connect a new device. Alternatively, for the slightly less paranoid among you, there’s the option of switching off options in your router’s software that allow you to connect to it from outside your own network. If you want or need to leave those services switched on, and if you can, specify that they HTTPS to connect. Finally, whenever you’re finished working in your router’s admin web page, make sure you manually log out.
Wi-Fi Standards Most routers on the market today are dual-channel – that is, they support both 2.4GHz and 5GHz frequencies. The 2.4GHz frequency was part of the 802.11b and 802.11g standards and so was widely supported by Wi-Fi clients. That, together with the fact that 2.4GHz is also used by Bluetooth and other wireless technologies, means that the frequency is very congested. So when 802.11n was ratified, it supported 5GHz and 2.4GHz, and the newest standard, 802.11ac also supports both channels. Routers vary in the way they provide dual channel support. Apple’s AirPort and Time Capsule routers give both channels the same SSID by default (although you can change that in AirPort Utility) and automatically assign devices to each channel. Other routers have different SSIDs and allow you to choose which to connect to. If you elect to make a manual selection, remember that 2.4GHz has a greater range but is more congested, while 5GHz has more space but offers a shorter range. In addition to dual-channel support, newer routers are also able to communicate with 802.11g and 802.11n devices at the optimum speed for each device. Older routers, however, will run the whole network at the slower speeds supported by 802.11g if there is an 802.11g device connected, even if every other device supports 802.11n. If all you’re doing is surfing and checking email or using social media sites, you may not notice. If you’re moving large files around your network, you will. Other technical terms to be aware of are MIMO and beamforming. The former means a router has multiple antennae and uses them to increase throughput. Beamforming describes the ability of internal antennae to focus the signal power on connected devices.
The Ultimate Networking Handbook | 39
The Cloud | iCloud
Photos syncs all your images… and your edits
hotos, which started life on iOS and is now on macOS, is Apple’s replacement for iPhoto and Aperture on the Mac. It automatically syncs your photo library to iCloud, so every shot is available on all your devices. Synchronise your iOS device’s photo library by going to Settings > iCloud > Photos. Make sure the switch beside iCloud Photo Library is turned on and choose whether you want to keep optimised versions on your iOS device, or uncompressed full resolution originals. Either way, the full quality originals are stored in iCloud. To edit a photo, select it, then tap Edit. On iOS, as well as cropping, applying a filter and automatically enhancing your shot, you can
Edit on the page When creating a photo book, you can apply filters on the page rather than tweaking the copies in your library before you place them. Drag them from the filmstrip onto a page. Double-click that page to enlarge it, then the image on the page to edit it, apply a filter and adjust its framing.
More flexible editing Access Photos’ full range of editing tools by selecting an image and clicking Edit on the toolbar, followed by Adjust in the sidebar. This launches with only three options: tweaks for light, colour, and black and white. Add others by picking them from the Add menu at the topright. Notice the blue tick that appears beside any setting you’ve adjusted. You can click this to toggle the effect off or on to see how it affects your picture.
76 | The Ultimate Networking Handbook
tweak the colour, light and monochrome style. (macOS lets you do more, as you’ll see in the tips on this page.) When you edit an image, Photos just tracks your changes and applies them on the fly. You can roll back to the original at any time by editing again and choosing Revert. Your changes are synced to iCloud and made visible – and revertible – on any of your devices. By default, your Mac user account’s System Photo Library, which is the only one synced to iCloud, is stored in your Pictures folder. If your startup disk is low on space, you can move the library to another drive and double-click it there to open it in Photos, then click ‘Use as System Photo Library’ in the app’s General preferences.
Setting up Photos for the first time involves passing a lot of data back and forth between your devices and the iCloud servers. If your connection is straining, the process can be suspended on a Mac in Photos > Preferences > iCloud by clicking 'Pause for One Day'. It can be resumed sooner in the same place, perhaps to let it finish overnight.
Private Libraries You can set up multiple discrete libraries on your Mac, but only the System Photo Library is synced to iCloud and your iOS devices. Use this to your advantage to create a separate library of images you want to keep on your Mac by holding å while opening Photos. This displays a window from which you can choose the library that the app opens. Here you can create a new library, or import an iPhoto or Aperture library.
Find faces faster Photos lets you index your images according to who’s in them. Get started by clicking on People under the albums tab. You’ll be shown a strip of faces it has already found in your pictures (and likely some false positives, such as pets and inanimate objects). Apple’s instructions are to double-click one and type that person’s name. Doing this for every picture is tedious, but you can save time after you’ve named someone just once by dragging any suggestions of the same person from the strip onto their circle in the top part of the window. They’ll be named automatically.
iCloud Photo Library tips
Take a break
iCloud | The Cloud
Set up an iCloud Keychain Access website logins and bank cards on all your Apple devices
emembering login details for a multitude of websites isn’t easy. Passwords either end up being difficult to remember, or you make them so simple that they’re easy for others to work out. But Safari and many other web browsers can save your credentials so you can set a stronger password and never have to memorise it. You might want to log in to the same websites on an iPhone, iPad, iPod touch or another Mac. iCloud Keychain saves you the tedious task of having to enter the same login details on all of your devices. It can remember bank card details as well – but it won’t store the security code from the signature strip. Apple says that your iCloud keychain is protected with high-level 256-bit AES encryption too. With Keychain set up, the first time you log in to a website from one of your devices, it’ll ask whether to record your details. This isn’t compulsory, and you might decline for sites that contain sensitive data. However, if you allow
details to be stored, they’re synced to iCloud Keychain. From there, they are sent to your other devices, saving you the hassle of having to type them. When you visit one of those sites in future, Safari automatically fills in the login form. All you have to do is tap a button to submit your details. When you set up iCloud Keychain, you can create an iCloud Security Code, a four-digit code similar to an iOS device’s passcode, or you can have a more complex code generated for you. The iCloud Security Code is used to authorise additional devices to use your iCloud Keychain.
Keychain saves you having to enter the same login details on all of your devices
Quick Look Keychain in action Secure your keychain Setting up iCloud Keychain involves more than just ticking a box in iCloud’s preferences. You’ll need to set a security code, and remember it to sync the keychain to additional devices. 1
Safari asks for permission iCloud Keychain depends on Safari’s AutoFill feature. When both things are 2
turned on, Safari recognises when you log in to a website and asks permission to save the details to your Keychain.
Bank card details Safari can store bank card details, too. They can later be modified and removed in Safari’s preferences, under AutoFill > Credit Cards > Edit. Changing the card number requires your Mac user account’s password. 3
The Ultimate Networking Handbook | 77
Easy Projects | Online privacy
Avoid being tracked by spoofing the MAC address of your network card, such as ifconfig eth0 hw ether 0A:A0:04:D4:AA:11.
Privacy conscious users often pick a service operated from outside their home country. However, the better choice is to choose a service that has servers in multiple locations.
Embrace the onion
Did you know? According to Edward Snowden, monitoring network activities is more efficient than attacking systems, so the NSA has programs that intercept consumer hardware, such as laptops and routers, and turns them into surveillance devices which can be turned on remotely.
Another way to bypass censorship and maintain anonymity is to use a proxy server tool. The most wellknown of these is the Tor network. Tor, an acronym for The Onion Router, is a software that creates a network to allow people to browse the web anonymously. It creates a network of relay nodes across the Internet. When you visit a website using Tor, the data to and from your computer is bounced around these nodes before ending up at the website, which masks your origins from the website. You can use Tor to visit websites that block visitors based on their geographic location. The easiest way to use Tor is via the Tor Browser Bundle to connect to the Tor network. (See ‘Set Up the Tor Browser Bundle’ on the previous page.) One downside to Tor is that websites load slower as the network data goes through so many relay nodes in the middle. Further, some ISPs, particularly in China, actively search and block Tor relays, making it difficult for some users to connect. Also note that Tor only encrypts
92 | The Ultimate Networking Handbook
traffic from your computer to the exit node, which prevents your ISP from monitoring you. But since the traffic at the exit node is unencrypted, anyone that’s running the exit node can see your internet traffic. There are unconfirmed reports that many exit nodes are run by government agencies. One way to negate the vulnerability at Tor’s exit node is to only use secure protocols (HTTPS, SSH etc) when using the Tor network. You can also use the Java Anonymous Proxy called JonDo, which uses interconnected proxy servers to conceal your IP address. JonDo is similar to Tor, however the one major difference is that it only uses certified partners as nodes. Also you can choose which proxy nodes you wish to route the traffic through. You can view the location of its proxies and choose accordingly for increased security. JonDo caps connection speeds of free users, but you can subscribe to its premium service, which is as fast as VPN services. The project also has details on how to pay for the service while maintaining anonymity.
I know JonDo To use the service, download the Java-based JonDo client, extract its contents and run its installation script as root. The script will install the client under /usr/local.
Online privacy | Easy Projects
When it’s done you can launch it by typing jondo on the command line. When it starts for the first time, an installation assistant will take you through a brief connection process. When it’s done, the app will connect to a proxy server. You can choose which proxy network you want to use from a pull-down list. The geographic location of each network is marked with its country’s flag. In addition to the JonDo tool, the project also produces a secure profile for Firefox called JonDoFox. Or, you can download JonDo’s own Firefox-based browser called JonDoBrowser. You can download and install the Deb package for the browser from the project’s website or add their repository to your Debian-based distro. The JonDoBrowser is preconfigured to work with the JonDo proxy. Furthermore, unlike Tor, you can use the JonDo app to turn off anonymity and still continue using the JonDoBrowser. You can also use JonDo and Tor if you use a different browser, or a different
network app, such as an instant messaging or email client. All you need to do is configure the applications to route all their traffic through these apps. To route traffic through them, go to the app’s connection settings page and specify the following manual proxy settings. For JonDo, select the SOCKSv5 proxy and use 127.0.0.1 as the host and 4001 as the port. To pass the traffic through the Tor network, use 9150 as the port if you are running the bundle. Also remember that if you’re a free user of JonDo, you can only connect to ports that are used for web browsing, 80 for HTTP and 443 for HTTPS. For other applications you have to subscribe to its premium services. Although Tor is better known as the archetypal ‘dark web’ (or perhaps because of it), many consider JonDo to be a safer option. Tor is more susceptible to internal attacks where a node operator itself attacks the network. The possibility of such attacks is reduced in JonDo since it screens its proxies.
Privacy plugins BetterPrivacy plugin prompts you to delete all local shared objects (LSOs) every time you close the browser. HTTPS Everywhere plugin Forces the web browser to use HTTPS with all sites that support it. The Web of Trust plugin Identifies dangerous websites from search results. DoNotTrackMe plugin Stops third parties, ad agencies, and search engines from tracking the webpages you visit. Disconnect plugin Prevents tracking by over 2,000 common trackers. Priveazy Lockdown plugin When you visit a website supported by the plugin, it will suggest some of the tasks you should complete to ensure your privacy is protected. When you click on a task, Priveazy will automatically load the relevant settings page, along with detailed instructions on how to change that specific setting.
The Ultimate Networking Handbook | 93
Advanced Projects | Build a server
126 | The Ultimate Networking Handbook
Build a server | Advanced Projects
Build the perfect
media server From storing to streaming, we show you how useful a home box can be
n important element of your digital life is about making sure all of your data is kept safe and sound. But along with that most dull of things, it’s also about making your files easy to access. The home server is nothing new – you might be running one already and it’s something magazines have been recommending for years – but it’s time we started taking the idea seriously, and part of that is knowing how to build and configure one. This is a box that’s going to be running 24/7, keeping all of your data, files, films, music, photographs and more safe and sound, as well as making them easily accessible. That’s besides providing any network capabilities or streaming servers you might like to add. We’re going to base our server around a stunning little box from HP, the Proliant Microserver. Overleaf we tell you about why we’re so taken with it. The downside is it’ll set you back about £230. Of course, you can always build your own home server, and we’ve got tried and tested solutions for this option as well. Creating the ultimate server is about more than simply running a box of hard drives – it’s about the software, how the hardware is configured and how the box is connected and accessed. Everything from creating a suitable Gigabit LAN to setting up a near-bulletproof RAID (or ‘redundant array of independent drives’ – a long-standing system for combing a group of drives together in groups of two or more) for combined automatic backup and performance access. Most importantly, it has to serve and work as invisibly as possible while using as little energy as it
can. Thankfully, all of this and more is possible. Just read on to see how easy it is and discover the delights a home server is able to offer.
Why a server? So what are we doing? We want a box that we can network to store all of our files, back up the many systems we’re running, and run all our shared networked services, such as printers and remote media streaming. But the question that hangs over this enterprise is, ‘What’s wrong with a good oldfashioned network attached storage (or NAS for short) box of tricks?’ The truth is, we like NAS boxes because they offer a simple, discreet way of adding network storage, often with extra services, with a minimum of hassle, outlay or power usage. With options running from a single drive up to full quad-drive RAID models, they’ll even take care of the whole boring issue of backing up your machines. If you’re willing to spend a little more (bearing in mind a decent dual-bay NAS will set you back around £100, or closer to £159 with drives), you’ll get a more flexible server system, including processor, memory, motherboard and a basic drive, for £150 that will happily run any and all software you want, providing remote desktop access and full Windows server features. It’s these last two items that really swing it for us. Having a home server means that even if new media formats or standards are released, the hardware can be easily updated, whereas a NAS would very likely not be. A server can also be upgraded and offers full remote access both in
The Ultimate Networking Handbook | 127
You can subscribe to this magazine @ www.myfavouritemagazines.co.uk