Creating and Maintaining Home Networks
http://edu-observatory.org/olli/Networks/index.html



OVERVIEW

Wikipedia: Internet (WAN)
  https://en.wikipedia.org/wiki/Internet

  The Internet (or just internet) is the global system of
  interconnected computer networks that uses the Internet
  protocol suite (TCP/IP) to communicate between networks and
  devices. It is a network of networks that consists of
  private, public, academic, business, and government networks
  of local to global scope, linked by a broad array of
  electronic, wireless, and optical networking technologies.

  The Internet carries a vast range of information resources
  and services, such as the inter-linked hypertext documents
  and applications of the World Wide Web (WWW), electronic
  mail, telephony, and file sharing.


Wikipedia: Default Gateway (Router)
  https://en.wikipedia.org/wiki/Default_gateway
  
  A default gateway is the node in a computer network using
  the internet protocol suite that serves as the forwarding
  host (router) to other networks when no other route
  specification matches the destination IP address of a
  packet.

  A gateway is a network node that serves as an access point
  to another network, often involving not only a change of
  addressing, but also a different networking technology. More
  narrowly defined, a router merely forwards packets between
  networks with different network prefixes. The networking
  software stack of each computer contains a routing table
  that specifies which interface is used for transmission and
  which router on the network is responsible for forwarding to
  a specific set of addresses. If none of these forwarding
  rules is appropriate for a given destination address, the
  default gateway is chosen as the router of last resort. The
  default gateway can be specified by the route command to
  configure the node's routing table and default route.

  In a home or small office environment, the default gateway
  is a device, such as a DSL router or cable router, that
  connects the local network to the Internet. It serves as the
  default gateway for all network devices.


Wikipedia: Local Area Network (LAN)
  https://en.wikipedia.org/wiki/Local_area_network

  A Local Area Network (LAN) is a computer network that
  interconnects phones, tablets, computers, (and other 
  devices that people connect to the internet) within a 
  limited area such as a residence, school, laboratory,
  university campus or office building. Ethernet and Wi-Fi are
  the two most common technologies in use for local area
  networks.






EXAMPLE OF A LOCAL AREA NETWORK (LAN)

Diagram of your Instructor's Local Area Network.

  My ISP supplied Cable Modem (not shown on the diagram) would
  be located at the word "Internet" on this diagram and
  connects directly to airport3b (Router). Each AirPort
  Extreme is a Wi-Fi Access Point and can also be configured
  as a Router.

  Each solid line represents a cat5/6 ethernet cable. Ethernet
  cables connect Modem to airport3b (Router), which in turn
  connects to airport1b (Wi-Fi Access Point) and airport2b
  (Wi-Fi Access Point).

  The three Wi-Fi Access Points located at opposite ends of
  the house provide good coverage in any room. Mesh routers
  achieve similar coverage without cables.

  open -a "AirPort Utility.app"
  to demo devices connected via Wi-Fi

INTERNET SERVICE PROVIDER (ISP)

Wikipedia: Internet Service Provider (ISP)
  https://en.wikipedia.org/wiki/Internet_service_provider

  An Internet service provider (ISP) is an organisation that
  provides services for accessing, using, or participating in
  the Internet. Internet service providers can be organized in
  various forms, such as commercial, community-owned,
  non-profit, or otherwise privately owned.

  Internet services typically provided by ISPs can include
  Internet access, Internet transit, domain name registration,
  web hosting, Usenet service, and colocation.

  An ISP typically serves as a connection or gateway that
  provides a user access to everything available on the
  Internet.


Wikipedia: Carrier-grade NAT
  https://en.wikipedia.org/wiki/Carrier-grade_NAT#Disadvantages

  Many cell phone carriers (AT&T, Verizon, T-Mobile, etc.) and
  some Fiber Optic ISPs use Carrier-grade NAT as there are not
  enough IPv4 addresses for all of their customers.

  From the command line:

    traceroute -aI `curl --connect-timeout 1 -s ipinfo.io/ip`

  If more than one hop, your IP address is behind a NAT.

  open -a "AirPort Utility.app"
  to demo router's
    WAN IP address
    LAN IP address

  If your WAN IP address, as shown on your Router, is:

    10.0.0.0    - 10.255.255.255   (10.0.0.0/8)      16,777,216
    172.16.0.0  - 172.31.255.255   (172.16.0.0/12)    1,048,576
    192.168.0.0 - 192.168.255.255  (192.168.0.0/16)      65,536

  then you are NAT'd. These are private IP addresses, as
  defined in RFC 1918.

  https://www.ripe.net/participate/member-support/lir-basics/ipv6_reference_card.pdf


BeeNetTools (App for iOS, iPadOS) Ping, Traceroute, & MTR
  https://apps.apple.com/us/app/beenettools/id1160138136
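The RFC 1918 check above, written as a shell function so the address shown on the router can be tested directly. This is an added example, not part of the original course notes: the function names are hypothetical, the sample addresses are constructed, and it goes beyond the three listed ranges by also flagging 100.64.0.0/10 (the shared address space RFC 6598 reserves for carrier-grade NAT) and by comparing the router's WAN address with the address an outside service reports.

```shell
#!/bin/sh
# classify_wan_ip ADDR -> private (RFC 1918), cgnat (100.64.0.0/10, RFC 6598),
# public (none of those ranges; loopback etc. are not checked) or invalid.
classify_wan_ip() {
    ip=$1
    case $ip in
        ''|*[!0-9.]*|*..*|.*|*.) echo invalid; return 1 ;;
    esac
    old_ifs=$IFS; IFS=.
    set -- $ip                      # split the address into octets
    IFS=$old_ifs
    [ $# -eq 4 ] || { echo invalid; return 1; }
    for octet in "$@"; do
        # reject leading zeros and over-long fields before comparing
        case $octet in 0?*|????*) echo invalid; return 1 ;; esac
        [ "$octet" -le 255 ] || { echo invalid; return 1; }
    done
    if [ "$1" -eq 10 ]; then echo private
    elif [ "$1" -eq 172 ] && [ "$2" -ge 16 ] && [ "$2" -le 31 ]; then echo private
    elif [ "$1" -eq 192 ] && [ "$2" -eq 168 ]; then echo private
    elif [ "$1" -eq 100 ] && [ "$2" -ge 64 ] && [ "$2" -le 127 ]; then echo cgnat
    else echo public
    fi
}

# upstream_nat WAN_IP PUBLIC_IP -> yes / no / invalid
# WAN_IP is what the router shows; PUBLIC_IP is what an outside service
# reports (the page uses: curl --connect-timeout 1 -s ipinfo.io/ip).
upstream_nat() {
    kind=$(classify_wan_ip "$1") || { echo invalid; return 1; }
    if [ "$kind" != public ] || [ "$1" != "$2" ]; then echo yes; else echo no; fi
}

# Constructed sample values (documentation addresses, not real hosts).
for addr in 192.168.1.2 100.72.3.4 203.0.113.7; do
    printf '%s -> %s\n' "$addr" "$(classify_wan_ip "$addr")"
done
```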

FIND INTERNET SERVICE PROVIDERs (ISPs) IN YOUR AREA

AllConnect: Internet Providers by Address
  https://www.allconnect.com/internet

FCC: Internet Service Providers by Address (July 2019)
  https://broadbandmap.fcc.gov

Who is My Current Internet Service Provider?
  https://bgp.he.net
  https://www.test-ipv6.com

What is My Current Internet Service Provider Bandwidth/Speed?
  https://speedtest.tds.net
  http://speedtest.mediacomtoday.com
  http://speedtest.centurylink.com
  https://fast.com

MODEM

  A modem, usually provided by your Internet Service Provider
  (ISP) translates signals from your ISP via fiber, cable,
  phone line, or Antenna into digital signals using the
  internet protocol (IP). A modem will have a unique IPv4
  address on the Internet.

  The current status of the modem lights helps the end user to
  know whether a connection is established, if the connection
  is active, or if the connection has dropped for some reason.

  One should download the Manual (PDF) for your Modem.

  Cable modems often use an internal IP Address 192.168.100.1
  Using your browser type: http://192.168.100.1


ROUTER

  A NAT router (sometimes referred to as a gateway) creates a
  local area network (LAN) of private IP addresses and
  interconnects that LAN to the wide area network (WAN) known
  as the Internet.

  The "Network Address Translation" (NAT) performed by the
  router allows multiple computers, smart phones, tablets, and
  other devices connected to the LAN behind the router to
  communicate with the external Internet.

  One should download the Manual (PDF) for your Modem, Router,
  and/or Modem-Router combination.


THE CHECKLIST PODCAST 89: ROUTER RUNDOWN (22+ min)
  https://www.securemac.com/checklist/checklist-89-router-rundown

  Routers -- Most everybody has one at home. But most of us
  don't know anything about our routers. If the router gets
  hacked the bad guys can get everything!


WARNING ABOUT ROUTERS

  Most gateway routers used by home customers are profoundly
  not secure. Some routers are so vulnerable to attack that
  they should be thrown out, a security expert said at the
  HOPE X hacker conference in New York.

  "If a router is sold at [a well-known retail electronics
  chain], you don't want to buy it," independent computer
  consultant Michael Horowitz said in a presentation.

  "If your router is given to you by your Internet Service
  Provider (ISP), you don't want to use it either, because
  they give away millions of them, and that makes them a prime
  target both for spy agencies and bad guys."


ROUTER BUGS, FLAWS, HACKS, AND VULNERABILITIES
  https://routersecurity.org/bugs.php

  If you care about the security of your router, and you
  should, it is best to avoid consumer grade routers. On the
  whole, the software in these routers is buggy as heck.


SUGGESTED SECURE ROUTERS
  http://edu-observatory.org.olli/Networks/Suggested_Secure_Routers.html

ACCESSING YOUR ROUTER FOR ADMINISTRATION (Extremely Important)

  Administration of Internet Service Provider (ISP) supplied
  Routers (not recommended) may not be readily accessible to
  you, with the ISP holding the login username and password.
  Your ISP should provide you with the access at the time of
  installation or upon request.

Apple AirPort Utility
  https://apps.apple.com/us/app/airport-utility/id427276530
  https://support.apple.com/guide/aputility/welcome/mac

  open -a "AirPort Utility.app"
  to demo router setup, and maintenance.

Find Your Router's Internal IP Address (Windows)
  Type from command line: ipconfig

Find Your Router's Internal IP Address (Mac)
  System Preferences > Network > Advanced > TCP/IP
  or type from command line: route get default

  Once you know your Router's Internal IP address, using your
  browser, type: http://Your Router's Internal IP Address

ROUTER SECURITY SETTINGS (Extremely Important)

Apple: Recommended Settings For Wi-Fi Routers And Access Points
  https://support.apple.com/en-us/HT202068

FTC: Securing Your Wireless Network
  https://www.consumer.ftc.gov/articles/0013-securing-your-wireless-network

Secure Router Configuration
  https://routersecurity.org/index.php#StartHere
  https://routersecurity.org/index.php#FullList

Router Security Checklist
  https://routersecurity.org/checklist.php

TESTING YOUR ROUTER FROM THE OUTSIDE

ShieldsUP!! -- Internet Connection Security for Windows Users
by Steve Gibson, Gibson Research Corporation
  https://www.grc.com/x/ne.dll?bh0bkyd2

  Your use of the Internet security vulnerability profiling
  services on this site constitutes your FORMAL PERMISSION for
  us to conduct these tests and requests our transmission of
  Internet packets to your computer. ShieldsUP!! benignly
  probes the target computer at your location. Since these
  probings must travel from our server to your computer, you
  should be certain to have administrative right-of-way to
  conduct probative protocol tests through any and all
  equipment located between your computer and the Internet.

DNS Nameserver Spoofability Test
  https://www.grc.com/dns/dns.htm

Understanding ICMP and why you shouldn't just block it outright
  https://neilalexander.dev/2017/04/16/understanding-icmp.html

You need your External IPv4 address for Nmap Online (below)
  https://bgp.he.net
  https://www.test-ipv6.com

Nmap Online
  https://nmap.online

Test Your Router
  https://www.routersecurity.org/testrouter.php

TESTING DEVICES WITHIN YOUR LOCAL AREA NETWORK (LAN)

Download the Free Nmap Security Scanner for Linux/Mac/Windows
  https://nmap.org/download.html

  Nmap ("Network Mapper") is an open source tool for network
  exploration and security auditing. It was designed to
  rapidly scan large networks, although it works fine against
  single hosts. Nmap uses raw IP packets in novel ways to
  determine what hosts are available on the network, what
  services (application name and version) those hosts are
  offering, what operating systems (and OS versions) they are
  running, what type of packet filters/firewalls are in use,
  and dozens of other characteristics. While Nmap is commonly
  used for security audits, many systems and network
  administrators find it useful for routine tasks such as
  network inventory, managing service upgrade schedules, and
  monitoring host or service uptime.

Nmap Tutorial to find Network Vulnerabilities
  https://www.youtube.com/watch?v=4t4kBkMsDbQ

  Since my Local Area Network (LAN) has the IP addresses
  172.16.0.1/24 I will do the following nmap scan:

    sudo nmap -F 172.16.0.1/24


Wireshark
  https://sectools.org/tool/wireshark/
  https://www.wireshark.org

  Wireshark is the world's foremost and widely-used network
  protocol analyzer. It lets you see what's happening on your
  network at a microscopic level and is the de facto (and
  often de jure) standard across many commercial and
  non-profit enterprises, government agencies, and educational
  institutions. Wireshark development thrives thanks to the
  volunteer contributions of networking experts around the
  globe and is the continuation of a project started by Gerald
  Combs in 1998.
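To turn the Nmap scan of your own LAN above into the network inventory the Nmap description mentions, the sketch below compares a scan against a list of services you expect and prints only what is new. It is an added example, not part of the original course notes: the function names and the baseline are hypothetical, and the scan lines are constructed in the layout of Nmap's grepable output (`-oG`).

```shell
#!/bin/sh
# Constructed baseline: the ip:port/protocol services I expect on my LAN.
BASELINE="172.16.0.1:53/tcp 172.16.0.1:80/tcp 172.16.0.20:631/tcp"

# Constructed sample in nmap -oG layout (tab-separated fields), not a real scan.
sample_scan() {
    printf 'Host: 172.16.0.1 ()\tStatus: Up\n'
    printf 'Host: 172.16.0.1 ()\tPorts: 53/open/tcp//domain///, 80/open/tcp//http///\tIgnored State: closed (98)\n'
    printf 'Host: 172.16.0.20 ()\tPorts: 631/open/tcp//ipp///, 9100/open/tcp//jetdirect///\n'
    printf 'Host: 172.16.0.37 ()\tPorts: 23/open/tcp//telnet///, 80/filtered/tcp//http///\n'
}

# unexpected_ports "BASELINE" < scan.gnmap
# Prints "ip:port/proto service" for each open port missing from the baseline.
unexpected_ports() {
    awk -v known_list="$1" '
        BEGIN {
            n = split(known_list, k, " ")
            for (i = 1; i <= n; i++) known[k[i]] = 1
        }
        /^Host: / && /Ports: / {
            ports = $0
            sub(/.*Ports: /, "", ports)   # drop everything before the port list
            sub(/\t.*/, "", ports)        # drop fields after the port list
            m = split(ports, entry, /, */)
            for (i = 1; i <= m; i++) {
                # entry layout: port/state/protocol/owner/service/...
                split(entry[i], f, "/")
                key = $2 ":" f[1] "/" f[3]
                if (f[2] == "open" && !(key in known)) print key, f[5]
            }
        }'
}

sample_scan | unexpected_ports "$BASELINE"
```

Against a live scan of your own network the input would come from `sudo nmap -F -oG - 172.16.0.1/24` piped into `unexpected_ports "$BASELINE"`.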

Wi-Fi SIGNAL BASICS

  Just to clear up a popular misconception: Wi-Fi microwaves
  are non-ionizing radiation. That means that they do not
  cause cancer. That's right kids, microwaves will not make
  you radioactive and glow in the dark!

Best Practices for Access Point Placement
  https://www.control4.com/docs/product/access-points/best-practices/english/latest/access-points-best-practices-rev-a.pdf

  Proper access point (AP) installation and placement is a
  critical step in the wireless design process. Follow these
  recommended best practices for the best placement of your
  AP.

  open -a "AirPort Utility.app"
  to demo connection quality, signal strength, speed, and
  bandwidth via Wi-Fi

Wikipedia: IEEE 802.11 (technical)
  https://en.wikipedia.org/wiki/IEEE_802.11

  IEEE 802.11 is part of the IEEE 802 set of local area
  network (LAN) protocols, and specifies the set of media
  access control (MAC) and physical layer (PHY) protocols for
  implementing wireless local area network (WLAN) Wi-Fi
  computer communication in various frequencies, including but
  not limited to 2.4 GHz, 5 GHz, 6 GHz, and 60 GHz frequency
  bands.

WHAT YOU CONNECT TO THE INTERNET MATTERS (Extremely Important)

Wikipedia: Internet of things
  https://en.wikipedia.org/wiki/Internet_of_things

  The Internet of Things (IoT) describes the network of
  physical objects - "things" - that are embedded with
  sensors, software, and other technologies for the purpose of
  connecting and exchanging data with other devices and
  systems over the internet.

  The definition of the Internet of Things has evolved due to
  the convergence of multiple technologies, real-time
  analytics, machine learning, commodity sensors, and embedded
  systems. Traditional fields of embedded systems, wireless
  sensor networks, control systems, automation (including home
  and building automation), and others all contribute to
  enabling the Internet of things. In the consumer market, IoT
  technology is most synonymous with products pertaining to
  the concept of the "smart home", including devices and
  appliances (such as lighting fixtures, thermostats, home
  security systems and cameras, and other home appliances)
  that support one or more common ecosystems, and can be
  controlled via devices associated with that ecosystem, such
  as smartphones and smart speakers.

  There are a number of serious concerns about dangers in the
  growth of IoT, especially in the areas of privacy and
  security, and consequently industry and governmental moves
  to address these concerns have begun including the
  development of international standards.


Checklist 172: A Ring of Trouble (28+ min)
  https://www.securemac.com/checklist/checklist-172-a-ring-of-trouble

Checklist 129: The Internet of Things and Other Things (35+ min)
  https://www.securemac.com/checklist/internet-of-things-and-other-things

Checklist 126: Little Nests Have Big Ears (29+ min)
  https://www.securemac.com/checklist/checklist-126-little-nests-have-big-ears

Privacy When Using the Internet
  http://edu-observatory.org/olli/Privacy/index.html

Home Computer Security
  http://edu-observatory.org/olli/HCS/index.html

  Problems/Bugs continue to be found in hardware, operating
  systems, applications software, networks, and technology.
  There is an ongoing battle between the good guys finding and
  fixing the problems and the bad guys [1] finding and
  exploiting the problems. Your role is important in this
  ongoing drama!

  [1] Do bad guys include ISPs, Carriers, big tech and your
  own government?

INTERNET CONNECTIVITY AND RELIABILITY
  http://edu-observatory.org/olli/Connectivity/index.html

  If you have ever gotten the message "Server Not Found", or
  "You Are Not Connected to the Internet", it might be due to
  an internet Connectivity and Reliability issue. This
  resource will help you troubleshoot the cause and lead you
  to a reliable solution.



sam.wormley@gmail.com