Archive for December, 2007

configuring the Linksys WRT54GL as a bridge with OpenWRT

Friday, December 21st, 2007

I have a standard DSL connection from Verizon, with their Westell DSL modem (with integrated switch and WiFi AP). I have a Linksys WRT54GL a couple of rooms away, and it is configured to bridge to the Westell. This is the same as just running a cable all the way across my apartment. This way I can plug things into my non-wireless devices into my WRT.

I installed OpenWRT and read the docs for a couple of hours, but in the end, I only had to change two files in /etc/config:


root@OpenWrt:~# cat /etc/config/wireless
config wifi-device wl0
option type broadcom
option channel 1
# disable radio to prevent an open ap after reflashing:
option disabled 0

config wifi-iface
option device wl0
option network lan
option mode sta
#option wds "00:18:3a:33:d8:a4"
option ssid 246_3F
option hidden 0
option encryption wep
option key 344838554d

That’s my SSID and WEP key in that config. Note that mode must be “sta”. Google “wifi-iface option mode” for more info.


root@OpenWrt:~# cat /etc/config/network
#### VLAN configuration
config switch eth0
option vlan0 "0 1 2 3 5*"
option vlan1 "4 5"

#### Loopback configuration
config interface loopback
option ifname "lo"
option proto static
option ipaddr 127.0.0.1
option netmask 255.0.0.0

#### LAN configuration
config interface lan
option type bridge
option ifname "eth0.0"
option proto static
option ipaddr '192.168.1.3'
option netmask 255.255.255.0

#### WAN configuration
config interface wan
option ifname "eth0.1"
option proto dhcp

I think I only had to change a couple of lines in this file, in the LAN section.

This configuration has been working for me for the last ~7months.

Posted in Uncategorized | No Comments »

SANS top 20 vulnerabilities of 2007

Saturday, December 15th, 2007

Courtesy of Bruce Schneier’s Crypto-Gram, I got a link to the SANS top 20 vulnerabilities of 2007. Here’s some simple and practical tips for securing Thunderbird 2.x:

View - Message body as - Select “Plain text”
View - Unselect “Display attachments inline”
Tools - Options - Advanced - Config editor … - javascript.allow.mailnews - Set to “False”
Tools - Options - Advanced - Config editor … - javascript.enabled - Set to “False”
Tools - Options - Advanced - Config editor … - javascript.options.strict - Set to “True”
Tools - Options - Privacy - E-mail scams - Select “Tell me if the message I’m reading is a suspected email scam”
Tools - Options - Privacy - Anti-Virus - Select “Allow anti-virus clients to quarantine individual messages”

“Tools - Options” is for Windows; on my Ubuntu machine it is “Edit - Preferences”.

Posted in Uncategorized | No Comments »

upgrading BIOS for Dell Dimension E521 in Linux

Monday, December 10th, 2007

Dell only provides a Windows executable for upgrading the BIOS. Luckily, they also provide a utility to generate a boot image under Linux from the EXE. Here’s the link: HOWTO. Here’s Dell’s utility.

One instruction on that page didn’t work, on EL5 the paths in grub.conf do not need the /boot prefix. Also, my BIOS image had more than 8 characters, so the memdisk crapped out at dumped me at the A:> prompt where I did ‘dir’ and ‘DMS~1.exe’ or something like that.

Posted in Uncategorized | No Comments »