If you’ve been wanting to change your DNS Resolvers away from those given by your ISP like all of the cool kids, here’s some quick instructions on where Frontier/Verizon has buried the settings in their FiOS router. In my example, I’ve changed mine to Cloudflare’s offering (1.1.1.1).
Continue reading “How to Change DNS Resolvers on Frontier/Verizon FiOS Router”
Back in August of 2013, Bart helped me figure out how to wrest control from the Verizon Actiontec FiOS router and let my Airport Extreme control my network. It was non-obvious, so he drew a diagram that I turned into a full tutorial per his instructions. The basic idea is to disable WiFi on the Verizon router, and have it simply pass out IP addresses using DHCP and send traffic straight through to the Airport Extreme. We also set the DMZ on the Verizon router to a static IP and passed that right to the Airport. The purpose of that step was to eliminate the requirement to do port forwarding on both routers if I ever needed to access something inside the network.
All of this worked great, I was able to pretty much ignore the Verizon router for the last three years.
Credit to Allister Jenks for the Instructions for iOS
Airport routers from Apple have a service turned on by default called NAT-PMP (Network Address Translation Port Mapping Protocol). This service allows applications and/or devices inside your network to automatically open ports in your router to make them accessible from the Internet. While this feature does make it easier to set up Internet of Things devices (doorbells, webcams, light bulbs), it makes your network more vulnerable to attack.
The recent (October 2016) Denial of Service attacks on the Domain Name System that pretty much broke the internet for a half a day were due to devices inside peoples’ networks being commandeered to act on behalf of the bad actors. In other words, having NAT-PMP enabled on an Airport router (or UPnP on other manufacturer’s routers) allowed these Internet of Things devices to be recruited into a botnet.
If you want to learn more, please see this Wikipedia article: https://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol
These instructions show you how to turn NAT-PMP off in an Airport Router using the Airport Utility on iOS. If you want to do it from your Mac, please see this tutorial:
https://www.podfeet.com/blog/tutorials-5/how-to-turn-off-nat-pmp-on-airport-routers/
If you have a Netgear Nighthawk Router, please see this tutorial: https://www.podfeet.com/blog/how-to-turn-off-upnp-on-netgear-nighthawk-routers/
Continue reading “How to Turn Off NAT-PMP on Airport Routers from iOS”
Routers from Netgear (and other companies) have a service turned on by default called UPnP (Unplug and Play). This service allows applications and/or devices inside your network to automatically open ports in your router to make them accessible from the Internet. While this feature does make it easier to set up Internet of Things devices (doorbells, webcams, light bulbs), it makes your network more vulnerable to attack.
The recent (October 2016) Denial of Service attacks on the Domain Name System that pretty much broke the internet for a half a day were due to devices inside peoples’ networks being commandeered to act on behalf of the bad actors. In other words, having NAT-PMP enabled on an Airport router (or UPnP on other manufacturer’s routers) allowed these Internet of Things devices to be recruited into a botnet.
If you want to learn more, please see this Wikipedia article: https://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol
These instructions show you how to turn off UPnP on Netgear Nighthawk Routers. If you have an Airport Router, please see this tutorial: https://www.podfeet.com/blog/how-to-turn-off-nat-pmp-on-airport-routers/
Continue reading “How to Turn Off UPnP on Netgear NIghthawk Routers”
Airport routers from Apple have a service turned on by default called NAT-PMP (Network Address Translation Port Mapping Protocol). This service allows applications and/or devices inside your network to automatically open ports in your router to make them accessible from the Internet. While this feature does make it easier to set up Internet of Things devices (doorbells, webcams, light bulbs), it makes your network more vulnerable to attack.
The recent (October 2016) Denial of Service attacks on the Domain Name System that pretty much broke the internet for a half a day were due to devices inside peoples’ networks being commandeered to act on behalf of the bad actors. In other words, having NAT-PMP enabled on an Airport router (or UPnP on other manufacturer’s routers) allowed these Internet of Things devices to be recruited into a botnet.
If you want to learn more, please see this Wikipedia article: https://en.wikipedia.org/wiki/NAT_Port_Mapping_Protocol
These instructions show you how to turn NAT-PMP off in an Airport Router using the Airport Utility which is inside your Applications/Utilities folder. If you have a Netgear Nighthawk Router, please see this tutorial: https://www.podfeet.com/blog/how-to-turn-off-upnp-on-netgear-nighthawk-routers/
Continue reading “How to Turn Off NAT-PMP on Airport Routers from macOS”
If you see an amber light blinking on your Airport Extreme, it may be an indication that there is a firmware update required. These quick instructions show you how to find out if there is an update, and how to do the update.
I suspect the process is essentially the same on an Apple Time Capsule router but I don’t have one with which to verify these instructions.
The screens below show the upgrade from Firmware version 7.7.3 to 7.7.7 released in mid-2016. If you’re reading these instructions at a much later date (or are running a different version of the operating system) you may see different Firmware versions, but the instructions should be the same.
Many modern routers support two frequencies for wireless access, 2.4GHz and 5GHz. The 5GHz band is much less congested, so if you have devices that support 5GHz you want them on that band. At the same time you probably have older devices that can only do 2.4GHz.
The Airport Extreme from Apple allows you to choose two ways to configure the bands:
This tutorial walks through how to use AirPort Utility to change these settings. I start with the two bands set to have the same name and show you how to give them unique names.
Continue reading “How to Separate (or Combine) 2.4GHz and 5GHz Bands with AirPort Utility”
Problem to be solved:
I have a shared data plan between my Mifi and my iPad. Under normal use at home I never go over my 4GB plan (not even close) but about 2 days into a vacation I get a 75% usage warning. I had Katie Floyd of the Mac Power Users Podcast on the NosillaCast Episode #448 to help me figure out the root causes and how to control my usage on travel. These instructions are the checklist she helped me create to best manage my data. Your mileage my vary but I’m betting at least some of these ideas will help you too.
I updated this checklist in August 2015 to include new items that run automatically that could be the cause of significant data usage. In this post I recommend a tool called TripMode from tripmode.ch to monitor and limit network access by application: Can TripMode Demystify My Massive Network Data Usage?
Continue reading “Checklist to Limit Data Use on Travel (Updated)”
If you have a machine that’s got a bad monitor or locked up in some way that you can’t directly control it, you might have some success if you could connect in via the Terminal. In these few quick steps we’ll show you how to set up the target Mac so that you can connect to it over the network using just the Terminal.
Open System Preferences and click on Sharing.
Enter your administrator credentials in the pop up window.
Check the box for remote login. If you want to restrict remote login to a subset of the users of the machine, click on the radio button for Only these users, and then click the Plus button below that window.
In this example I’ll add allison and then click Select.
Open a Terminal and type in ssh followed by the name you recorded for the target Mac.
You will be prompted for your password. In this case I only authorized the account allison, so there’s only one option here.
Note that the prompt has changed to Core-i7-4 so we know I’m logged into the target Mac.
From here you can list files, copy files, move files, whatever you can do in the Terminal if you’d been sitting at the target Mac.
Enjoy!
Bart Busschots of http://bartb.ie helped me figure out this configuration that so many people are requesting. Bart’s diagram shows the end condition. The screenshots in the tutorial are from an Actiontec router supplied by Verizon running firmware version 40.20.7 in 2013.
In this tutorial we’re going to:
This combination of steps will allow the Airport Extreme to control your home network serving out IP addresses, and to execute port forwarding (without having to also do that on the Verizon router).
User Name and password are taped to the side of the router
Click on the image of the router or the name to reveal the Edit button
don’t click Update just yet
And change router Mode to DHCP and NAT and click Update
You will get a warning (a red circle with a number in it) that if clicked will say Double NAT. This can be ignored by clicking on the router, hovering over Double NAT, Clicking and selecting Ignore. You are now free to play about the Internet.
