Network Hacks

246 Articles

The Twisted History Of Ethernet On Twisted Pair Wiring

December 30, 2024 by 55 Comments

We all take Ethernet and its ubiquitous RJ-45 connector for granted these days. But Ethernet didn’t start with twisted pair cable. [Mark] and [Ben] at The Serial Port YouTube channel are taking a deep dive into the twisted history of Ethernet on twisted pair wiring. The earliest forms of Ethernet used RG-8 style coaxial cable. It’s a thick, stiff cable requiring special vampire taps and lots of expensive equipment to operate.

The industry added BNC connectors and RG-58 coax for “cheapernet” or 10Base2. This reduced cost, but still had some issues. Anyone who worked in an office wired with 10Base2 can attest to the network drops whenever a cable was kicked out or a terminator was dropped.

The spark came when [Tim Rock] of AT&T realized that the telephone cables already installed in offices around the world could be used for network traffic. [Tim] and a team of engineers from five different companies pitched their idea to the IEEE 802.3 committee on Feb 14, 1984.

The idea wasn’t popular though — Companies like 3COM, and Digital Equipment Corporation had issues with the network topology and the wiring itself. It took ten years of work and a Herculean effort by IEEE committee chairwoman [Pat Thaler] to create the standard the world eventually came to know as 10Base-T. These days we’re running 10 Gigabit Ethernet over those same connectors.

For those who don’t know, this video is part of a much larger series about Ethernet, covering both history and practical applications. We also covered the 40th anniversary of Ethernet in 2020.

Continue reading “The Twisted History Of Ethernet On Twisted Pair Wiring”

It’s Remotely Ham Radio

December 11, 2024 by 33 Comments

Have you ever considered running your ham radio remotely? It has been feasible for years but not always easy. Recently, I realized that most of the pieces you need to get on the air remotely are commonplace, so I decided to take the plunge. I won’t give step-by-step instructions because your radio, computer setup, and goals are probably different from mine. But I will give you a general outline of what you can do.

I’m fortunate enough to have a sizeable freestanding shop in my backyard. When I had it built, I thought it was huge. Now, not so much. The little space is crammed with test equipment, soldering gear, laser cutters, drill presses, and 3D printers. I’ve been a ham for decades, but I didn’t have room for the radios, nor did I have an antenna up. But a few months ago, I made space, set some radios up, strung out a piece of wire, and got back on the air. I had so much fun I decided it was time to buy a new radio. But I didn’t want to have to go out to the shop (or the lab, as I like to call it) just to relax with some radio time.

Continue reading “It’s Remotely Ham Radio”

A Month Without IPV4 Is Like A Month Without…

December 3, 2024 by 91 Comments

Recently, there was a Mastodon post from [nixCraft] challenging people to drop their NAT routers for the month of November and use only IPv6. What would it be like to experience “No NAT November?” [Alex Haydock] decided to find out.

What did he learn? You’d imagine he’d either wholeheartedly embrace IPv6 or stagger back in and warn everyone not to mess with their configuration. Instead, he recommends you go IPv6 mostly. He notes he is only talking about a home network, not necessarily networks for a big company or an Internet carrier. That’s a different topic.

IPv6 has been around since 1998, but it has been slow to catch on. However, OS support seems universal at this point. [Alex] was able to easily switch on IPv6 only using Windows, macOS, and several Linux flavors. He didn’t use any Android devices, but they should be OK. His iOS phones were fine.

Continue reading “A Month Without IPV4 Is Like A Month Without…”

The Glacial IPv6 Transition: Raising Questions On Necessity And NAT-Based Solutions

October 26, 2024 by 72 Comments

A joke in networking circles is that the switch from IPv4 to IPv6 is always a few years away. Although IPv6 was introduced in the early 90s as a result of the feared imminent IPv4 address drought courtesy of the blossoming Internet. Many decades later, [Geoff Huston] in an article on the APNIC blog looks back on these years to try to understand why IPv4 is still a crucial foundation of the modern Internet while IPv6 has barely escaped the need to (futilely) try to tunnel via an IPv4-centric Internet. According to a straight extrapolation by [Geoff], it would take approximately two more decades for IPv6 to truly take over from its predecessor.

Although these days a significant part of the Internet is reachable via IPv6 and IPv6 support comes standard in any modern mainstream operating system, for some reason the ‘IPv4 address pool exhaustion’ apocalypse hasn’t happened (yet). Perhaps ironically, this might as [Geoff] postulates be a consequence of a lack of planning and pushing of IPv6 in the 1990s, with the rise of mobile devices and their use of non-packet-based 3G throwing a massive spanner in the works. These days we are using a contrived combination of TLS Server Name Indication (SNI), DNS and Network Address Translation (NAT) to provide layers upon layers of routing on top of IPv4 within a content-centric Internet (as with e.g. content distribution networks, or CDNs).

While the average person’s Internet connection is likely to have both an IPv4 and IPv6 address assigned to it, there’s a good chance that only the latter is a true Internet IP, while the former is just the address behind the ISP’s CG-NAT (carrier-grade NAT), breaking a significant part of (peer to peer) software and services that relied on being able to traverse an IPv4 Internet via perhaps a firewall forwarding rule. This has now in a way left both the IPv4 and IPv6 sides of the Internet broken in their own special way compared to how they were envisioned to function.

Much of this seems to be due to the changes since the 1990s in how the Internet got used, with IP-based addressing of less importance, while giants like Cloudflare, AWS, etc. have now largely become ‘the Internet’. If this is the path that we’ll stay on, then IPv6 truly may never take over from IPv4, as we will transition to something entirely else. Whether this will be something akin to the pre-WWW ‘internet’ of CompuServe and kin, or something else will be an exciting revelation over the coming years and decades.

Header: Robert.Harker [CC BY-SA 3.0].

When Raw Network Sockets Aren’t Raw: Raw Sockets In MacOS And Linux

September 21, 2024 by 3 Comments

Raw network sockets are a curious beasts, as unless you have a strong urge to implement your own low-level network protocol, it’s a topic that is probably best left to the (well-paid) experts. That said, you can totally use raw sockets in virtually every operating system, but one should be aware of a few things, the lack of portability being one of them. This is what tripped [Swagnik] up while trying to write a low-level network ping (ICMP) utility, by reading the Linux socket documentation while testing on MacOS. It’s all BSD-style sockets, after all, right?

As it turns out, the network stacks in Linux and MacOS have some subtle differences, which become apparent when you read the friendly manuals. For Linux, the raw(7) man entry for IPv4 sockets make it clear that the IP_HDRINCL socket option is default by default for IPPROTO_RAW sockets. This is different from MacOS, which is effectively FreeBSD with glossy makeup. Like FreeBSD, the MacOS man page makes it clear that the IP_HDRINCL option is not set by default.

So that’s easy, right? Just fire off a setsockopt() call on the raw socket and that’s done. Not quite. The Linux man page notes that it cannot receive all IP protocols, while the FreeBSD/MacOS version makes no such exceptions. There is also the issue of endianness, which is where [Swagnik]’s blog post seems to err. The claim is that on MacOS the received IPv4 raw socket header is in host (little endian) order, while the documentation clearly notes that these are in network (big endian) order, which the blog post also shows.

Where things get really fun is when moving from IPv4 raw sockets to IPv6 raw sockets, as [Michael F. Schönitzer] covered for Linux back in 2018 already. IPv6 raw sockets drop IP_HDRINCL and requires a whole different approach. The endianness also changes, as IPv6 raw sockets under Linux must send and will receive data in network byte order, putting it in line with FreeBSD raw sockets.

Raspberry Pi Becomes Secure VPN Router

September 16, 2024 by 20 Comments

OpenWRT is a powerful piece of open-source software that can turn plenty of computers into highly configurable and capable routers. That amount of versatility comes at a cost, though; OpenWRT can be difficult to configure outside of the most generic use cases. [Paul] generally agrees with this sentiment and his latest project seeks to solve a single use case for routing network traffic, with a Raspberry Pi configured to act as a secure VPN-enabled router configurable with a smartphone.

The project is called PiFi and, while it’s a much more straightforward piece of software to configure, at its core it is still running OpenWRT. The smartphone app allows most users to abstract away most of the things about OpenWRT that can be tricky while power users can still get under the hood if they need to. There’s built-in support for Wireguard-based VPNs as well which will automatically route all traffic through your VPN of choice. And, since no Pi router is complete without some amount of ad blocking, this router can also take care of removing most ads as well in a similar way that the popular Pi-hole does. More details can be found on the project’s GitHub page.

This router has a few other tricks up its sleeve as well. There’s network-attached storage (NAS) built in , with the ability to use the free space on the Pi’s microSD card or a USB flash drive. It also has support for Ethernet and AC1300 wireless adapters which generally have much higher speeds than the built-in WiFi on a Raspberry Pi. It would be a great way to build a guest network, a secure WiFi hotspot when traveling, or possibly even as a home router provided that the home isn’t too big or the limited coverage problem can be solved in some other way. If you’re looking for something that packs a little more punch for your home, take a look at this guide to building a pfSense router from the ground up.

Getting Root On Cheap WiFi Repeaters, The Long Way Around

September 5, 2024 by 13 Comments

What can you do with a cheap Linux machine with limited flash and only a single free GPIO line? Probably not much, but sometimes, just getting root to prove you can is the main goal of a project. If that happens to lead somewhere useful, well, that’s just icing on the cake.

Like many interesting stories, this one starts on AliExpress, where [Easton] spied some low-cost WiFi repeaters, the ones that plug directly into the wall and extend your wireless network another few meters or so. Unable to resist the siren song, a few of these dongles showed up in the mailbox, ripe for the hacking. Spoiler alert: although the attempt on the first device had some success by getting a console session through the UART port and resetting the root password, [Easton] ended up bricking the repeater while trying to install an OpenWRT image.

The second attempt, this time on a different but similar device, proved more fruitful. The rudimentary web UI provided no easy path in, although it did a pretty good job enumerating the hardware [Easton] was working with. With the UART route only likely to provide temptation to brick this one too, [Easton] turned to a security advisory about a vulnerability that allows remote code execution through a specially crafted SSID. That means getting root on these dongles is as simple as a curl command — no hardware hacks needed!

As for what to do with a bunch of little plug-in Linux boxes with WiFi, we’ll leave that up to your imagination. We like [Easton]’s idea of running something like Pi-Hole on them; maybe Home Assistant would be possible, but these are pretty resource-constrained machines. Still, the lessons learned here are valuable, and at this price point, let the games begin.