Announcing a new site design for podfeet – go kick the tires at https://podfeet.com/beta2. My Affinity Photo 1.5 tutorial is up at ScreenCasts Online. We hear from Anker about their new Nebula projected displays, Nonda talks about their connected car devices, I explain more about how cool our network is now that we’ve folded in the TiVos with MoCA. Then we hear about the C-me Selfie Drone, and the Fly Sport Earbuds from Braven. Finally I wrap up by telling you my tales of adventure with offsite backups and why I’ve moved from CrashPlan over to Backblaze.
I made a deal with Bart when he started his two podcasts Let’s Talk Apple and Let’s Talk Photography that he would never have to be on more than every other week. But this week I tricked him by asking him if he’d come on and explain IPv6 to me. His first answer was that he didn’t understand it well enough to explain it. But of course Bart being Bart, that ear worm I so carefully placed caused him to go out and study it and now he’s here to explain it to us. And of course below you’ll find his excellent show notes.
Back in August of 2013, Bart helped me figure out how to wrest control from the Verizon Actiontec FiOS router and let my Airport Extreme control my network. It was non-obvious, so he drew a diagram that I turned into a full tutorial per his instructions. The basic idea is to disable WiFi on the Verizon router, and have it simply pass out IP addresses using DHCP and send traffic straight through to the Airport Extreme. We also set the DMZ on the Verizon router to a static IP and passed that right to the Airport. The purpose of that step was to eliminate the requirement to do port forwarding on both routers if I ever needed to access something inside the network.
All of this worked great, I was able to pretty much ignore the Verizon router for the last three years.
Steve Davidson posted a great question on podfeet.com on my post about the Netgear Nighthawk X8 router:
Allison, now that Apple has end-of-lifed the AirPort Extreme (my device of choice until now), I’m taking another look at the Netgear Nighthawk X8 (your endorsement has to be worth $$$ to Netgear). Besides the obvious reasons to use an Apple access point/router (e.g., quality, auto-notification of firmware updates, etc.) is the fact that I can plug two USB drives into it (via a USB hub) and it provides great Time Machine backup destinations for my home systems.
So the big question is: Do you know if the Netgear Nighthawk X8’s USB ports can support over-the-network Time Machine backups (to AFP+ drives)?
We live in amazing times, don’t we? It’s 2016 and I can do a FaceTime video call with my baby grandson a hundred miles away… while I’m out on a walk. My phone can take panorama pictures. I can turn my lights on and off when I’m not even home. One of my best friends lives in Ireland and I get to talk to him a couple times a week. I have access to all world knowledge through the internet.
A few weeks back after the disastrous distributed denial of service attack on the DNS servers was found to have been caused by insecure Internet of Things devices, Bart suggested that we turn off automatic port forwarding. This is a technology that is built into routers that allows devices (and software) inside your network to punch holes through your firewall in order to talk to the Internet. The advantage of this technology is that you don’t have to understand or even know what port forwarding is in order to get your devices and software to work. Unfortunately, we’ve learned that our IoT devices are often spectacularly insecure. For example, there are devices with hard-coded Secure Shell (SSH) usernames and passwords that were largely responsible for the denial of service attack.
This automated port forwarding I’m describing on most routers is called UPnP, and on Apple routers they use a similar protocol called NAT-PMP. Bart recommended that we turn this service off, and only open ports manually when we know why they need to be opened. I have both a Netgear router and an Apple router, so I thought it might be helpful if I posted tutorials on how to turn off UPnP via the web interface on the Netgear router, and NAT-PMP from the Airport Utility. Thanks to Allister Jenks for helping put together the instructions for turning off NAT-PMP from an iOS device for the Airport. And of course we made the tutorials with my favorite app, Clarify.
Credit to Allister Jenks for the Instructions for iOS
Airport routers from Apple have a service turned on by default called NAT-PMP (Network Address Translation Port Mapping Protocol). This service allows applications and/or devices inside your network to automatically open ports in your router to make them accessible from the Internet. While this feature does make it easier to set up Internet of Things devices (doorbells, webcams, light bulbs), it makes your network more vulnerable to attack.
The recent (October 2016) Denial of Service attacks on the Domain Name System that pretty much broke the internet for a half a day were due to devices inside peoples’ networks being commandeered to act on behalf of the bad actors. In other words, having NAT-PMP enabled on an Airport router (or UPnP on other manufacturer’s routers) allowed these Internet of Things devices to be recruited into a botnet.
Back in April I told you about the new router I bought, the Nighthawk X8 from Netgear. I bought this router for two reasons. I already had an Airport Extreme 802.11ac router with beam forming antennas, but after talking to Bart about how insecure the Internet of Things devices are, I wanted to run two parallel networks. The second reason is because it sounded really cool.
One thing neither of us did was any kind of network speed tests to see whether a) we needed this router and b) whether the new router improved speeds or reduced dead spots in our homes. We had both been influenced by Dave Hamilton of the Mac Geek Gab where he talks a lot about routers. I reached out to Dave and asked him what he uses to check network speeds. I knew that while running speedtest.net was a relatively good way to test your Internet speeds, it wasn’t a good way to test the speed of your internal network. Since the speed test was going through Internet and back, it had far too many variables involved.
Before we dig into the tests, let’s review the devices. The Airport Extreme is the current model, which has internal beam-forming antennas. It’s only a dual-band router, with one radio for 2.4 GHz and another for 5 GHz. The Nighthawk X8 is a tri-band router with two 5 GHz radios and one for 2.4 GHz. By having two 5 GHz radios the Nighthawk can send and receive at the same time. It also sports four internal antennas and four active external antennas. That all sounds swell, but at 1.7x as much money for the Nighthawk X8 over the Airport Extreme, let’s see how they perform relative to each other in real world testing. Continue reading “Real World Bandwidth Test: Netgear Nighthawk X8 vs Airport Extreme”
George from Tulsa is back with some ideas on what might be causing Denise’s high bandwidth usage. It’s a great list of things to check out. Denise comes back with a great success story on the issue and then a walkthrough of her recent upgrade of her Mac mini to an SSD with some great advice. I get a word in edgewise with these two and talk about how I added language support to Podfeet.com and how we FINALLY got our AppleTV working on hotel WiFi so Steve could watch the Olympics.