Another Computer Question

[jdbower]

Using a solid metal conduit should also help isolate things a bit better - plus it'll prevent EMI between the conduits (although in theory the foil lining in the CAT5 should do that well enough).

My guess is that the restrictions on gas, water and sewer stem more from leaks than anything else - a spark near a leaking gas pipe is bad, as is water leaking into electric or sewer into water. Electric doesn't leak nearly as much

 

[MossRoad]

Using a solid metal conduit should also help isolate things a bit better - plus it'll prevent EMI between the conduits (although in theory the foil lining in the CAT5 should do that well enough).

My guess is that the restrictions on gas, water and sewer stem more from leaks than anything else - a spark near a leaking gas pipe is bad, as is water leaking into electric or sewer into water. Electric doesn't leak nearly as much

Uh, what foil? Most folks use CAT5 undhielded twisted pair.

 

[jdbower]

Uh, what foil? Most folks use CAT5 undhielded twisted pair.

D'oh! Right you are, some of the equipment in my lab requires STP because they're paranoid about grounding so that's what I typically use for everything, but most of the stuff people use at home would be UTP.

 

[MikePA]

Question about networking to an out-building.

I just built a sewing studio building for my wife. It's 40 feet away from the house. It has electric power from a sub-panel through a buried conduit. Trench is still open and I'm about to put a second conduit in for a phone line.
Can I run CAT 5 or CAT 6 cable through the same conduit I use for the phone line? Would I use the same cable through the conduit as I use through the walls/suspended ceiling inside the house?

I have a Linksys wireless router that I use for internet access (via my HughesNet) for my work laptop when I take it home. It's in my basement office and it gets OK signal strength throughout the house but I'm not sure it will "make it" out to the sewing studio (maybe I should check - DUH).

WVBill

Just to share my creds, my job is information security and I am a CISSP.

Yes, wireless security can be compromised and far too many people install wide open Access Points. But for most residential wireless installations, using encryption, MAC Address authentication and not broadcasting your SSID is adequate security. Perfect? No. Adequate? Yes. Just because wireless isn't adequate for most commercial environments doesn't mean it's not for residential use. Using encryption and MAC Address authentication requires a little more work to set up, but most residences are not adding devices all the time.

If you can easily hard wire the studio, then go for it. If you can't there's nothing wrong with using wireless. Any Pre-N wireless solution should easily reach 40 feet.

 

[WVBill]

My suggestion, a separate trench at least two to three feet away. That will minimize lightning induced coupling between the power line and the telephone/data lines.

Thanks. I'll consider another trench.

--- or maybe just move the wireless router over to the side of the house toward the studio and go wireless... I have encryption, MAC address authentication and am not broadcasting my SSID - plus my house is at least 350 feet from the road so someone would have to come up my driveway to be in range... I'm pretty secure.

Thanks all

WVBill

 

[SnowRidge]

Just to share my creds, my job is information security and I am a CISSP.

Yes, wireless security can be compromised and far too many people install wide open Access Points. But for most residential wireless installations, using encryption, MAC Address authentication and not broadcasting your SSID is adequate security. Perfect? No. Adequate? Yes. Just because wireless isn't adequate for most commercial environments doesn't mean it's not for residential use. Using encryption and MAC Address authentication requires a little more work to set up, but most residences are not adding devices all the time.

If you can easily hard wire the studio, then go for it. If you can't there's nothing wrong with using wireless. Any Pre-N wireless solution should easily reach 40 feet.

Not broadcasting the SSID does nothing for security, except make someone wonder why its not being broadcast. Encryption is the key, but it needs to be at least some form of WPA. WEP is easily cracked by amateurs (think high school kids) with readily available tools.

MAC authentication is good for keeping neighbors from inadvertently connecting to your network, but WPA encryption is the key to not having your data stolen. It will also keep your neighbors off your network.

Hard wired is best, if it can be done at reasonable expense and effort.

 

[SnowRidge]

Thanks. I'll consider another trench.

--- or maybe just move the wireless router over to the side of the house toward the studio and go wireless... I have encryption, MAC address authentication and am not broadcasting my SSID - plus my house is at least 350 feet from the road so someone would have to come up my driveway to be in range... I'm pretty secure.

Thanks all

WVBill

Is there anybody across the road? Does anybody look down on you from nearby or a distant hill? If so, you may not be as secure as you think. Google pringles can antenna to see why.

 

[MikePA]

--- or maybe just move the wireless router over to the side of the house toward the studio and go wireless... I have encryption, MAC address authentication and am not broadcasting my SSID - plus my house is at least 350 feet from the road so someone would have to come up my driveway to be in range... I'm pretty secure.

This is good to hear. As I recommended, if it's relatively easy to install Cat 5, do it. If not, you're plenty secure. There are far too many people using scare tactics when it comes to wireless, which is just as irresponsible as manufacturers not alerting people to the risk of installing a wide open AP. Remember, all online purchases and other financial transactions use the https protocol which is encrypted. Hopefully, you are already running an intrusion protection software such as ZoneAlarm. While there are readily available hacking tools, unlike 10 years ago, the majority of hackers aren't doing it just to see if they can do it. That's old news and not a challenge for today's hackers. Are you transmitting data that would make it worthwhile for someone to spend the time and effort to collect and decrypt? If so, hard wire. If not, what you've already done, plus IPS (Intrusion Prevention System) software like ZoneAlarm is sufficient. If you're really paranoid, get an AP and use wireless cards that support WPA2 encryption.

 

[jdbower]

Most security is based on two concepts:
A) People are out to get YOUR data (not just any data)
B) You can stop them

Typically neither is true.

If someone's just looking for credit cards and bank records, they don't come to the properties most of the TBN members have, they would much prefer to drive to the nearest apartment complex and take their pick of dozens of networks - most not secured at all. If someone's targeted YOUR house there's no much you can do; all security in the off-the-shelf wifi routers is easy to hack and if they can't find a wifi network they'll just break in and take your PC.

I view security like a plate glass door with a deadbolt - it keeps the honest criminals out. Security is a good thing and taking reasonable precautions is definitely useful, but once it starts to affect my lifestyle I have to make a judgment call. Enabling the best security my router has costs me nothing but having to remember the encryption key. Avoiding wifi or taking down coverage outside the house is beyond my comfort level in terms of actions I'm willing to take to reduce my perceived risk. Similarly I could put bars on my windows, arm myself to the teeth, and put in a moat, but I'd much rather move if it came to that. On the other hand I love gadgets so I will be installing a nice home security system with remotely viewable cameras - even if I'll typically be using them to figure out if I've got deer or rabbits eating my wife's garden.

 

[MikePA]

Well stated. Security is a function of time, money and often, inconvenience. In professional engagements, honest consultants evaluate what the potential loss is versus the cost of the security and the decision becomes a financial one. Even with those aspects that can not be boiled down to dollars and cents, a risk rating is applied along with the cost of the security to assist people in making a rational, fact based decision. Obviously, some people choose to buy a 'belt and suspenders' solution even when it's not warranted, but it's their money. However, scaring people into making an emotional decision is never appropriate.

 

[SnowRidge]

There are far too many people using scare tactics when it comes to wireless. Remember, any online purchases and other financial transactions use the https protocol which is encrypted.

Those people would include most authorities on the subject. The https encryption is good, but it can be defeated by key logging software. Encrypting the wireless provides an additional layer of security. Layered security is a very basic concept.

While there are readily available hacking tools, unlike 10 years ago, the majority of hackers aren't doing it just to see if they can do it. That's old news and not a challenge for today's hackers.

No, it isn't, but those hacking tools are used by today's script kiddies, who may also be war driving. Script kiddies are a major problem.

If you're really paranoid, get an AP and use wireless cards that support WPA2 encryption.

So, is it all the people who would rather not be vulnerable and use WPA that are paranoid, or is it only those using WPA2 that are paranoid? Never mind, those of us who would rather not be compromised will secure our networks with some form of WPA, if at all possible, even in the face of being labeled paranoid.

It might also be a good time to bring up the fact that wireless home network security can directly impact enterprise security, a concept which is taught in all the security courses -- or at least should be.

Businesses and government can take great steps to secure their facilities, but it can all be undone if one of their employees logs into his work network from home. All a knowledgeable attacker has to do is sniff the employee's home network for his work login ID and password, if the employee's wireless is not secured, or is poorly secured, and he can then bypass the enterprise security at his leisure.

Of course, it doesn't have to be a wireless issue at all. If someone gets past the firewall or exploits some other vulnerability and installs a key logger, it's Katy bar the door.

That ought to comfort people reading this who log into work from home.

 

[MikePA]

I now understand why Inspector507 doesn't offer electrical advice anymore.

 

[MossRoad]

Any of you ever see that Dilbert cartoon...

"I SUMMON THE VAST POWER OF CERTIFICATION.

 

[Soundguy]

I now understand why Inspector507 doesn't offer electrical advice anymore.

Yep.. same reason I stopped offering CE advice online..

You try to make a basic presentation for a limited scope project, and then you get steam rolled because your plan was not all encompassing and mil-spec... etc.

Soundguy

 

[Inspector507]

I now understand why Inspector507 doesn't offer electrical advice anymore.

Yep . Of course my experience and knowledge is always available by PM or e-mail.

 

[Soundguy]

I don't even go there.. my 'universal' advice is now to " Hire an engineer in your area.. pay him to look over your physical site, and at your plans.. then pay him for his advice."

Soundguy

 

[MossRoad]

At my job I get frequent requests to work on people's home computer for money. I will not do it. I can only imagine someone that I marginally know messing up their files, then asking me to look at it, then blaming me for it when the repair does not work. No thanks.

But I will offer suggestions as to what they can look for, etc... but will always stress that they need to backup their personal files before touching the machine.

 

[Tig]

Snowridge, have you played with the cantennas at all? I had access to some sophisticated design software and facilities but was unable to get satisfatory results. The goal was to beam wifi out to an ice fishing shack.

 

[tallyho8]

This is the cantenna my son installed at my home. His house is on my property 600 feet from mine and he shares my high speed internet connection. There is no other home in the direction my antenna is facing for over 500 miles so we probably took a lot of security precautions for nothing. He says this system is working better than when he had cable connected directly to his house.

 

[Tig]

600 feet is decent range. To get to the fish I need to be about a kilometer or two out. Many sites claim they get 2Km from a pringles can. Maybe I'll experiment a bit more.