Category: Case study

Posted on

Home Networking

This article was written to accompany a presentation done on 22nd January 2023. All the videos embedded in the post were current at that date. They could be removed from YouTube, or replaced by later ones, at any time.

The presentation built upon one that Paul de Geus did and which is included below. I’m indebted to him for pointing me to the video from RSAweb, which is a really good and short introduction to improving Home WiFi signal, and also including at least one video in the show from PowerCert. They are so good, I’ve used them as the basis of this presentation.

I’ve also written a couple of articles that you might find it useful to refer to …

Improving home network performance“, and

Home networks – some notes

Also, remember there’s a “Network issues” Forum that has several Topics relating to Home Networking, and if you have discovered a really good bit of technology, or you want help with the kit you’ve got, that would be a great place to look, or contribute to.

First however take a look at Paul’s presentation, of 2019 – yes five years ago, I can’t believe that! You can scroll through the slides using the arrow keys at the bottom of the window and make the text bigger using the +/- keys.

I suppose we should start with perhaps the main problem – a poor WiFi signal – and then work back from that to see whether we can improve our understanding of how networking works and how we can improve our Home Networking experience.

How to improve your WiFi signal at home

A more detailed look at possible quick wins are detailed in this article, and again some of the suggestions it mentions are covered later.

You might be able to improve your home WiFi by following the advice in that video and the article; indeed WiFi Extenders could do the trick (see later), but it’s probably better to understand a little more about the devices you’re using. So we start with Modem and Router. Almost always in new installations combined into one device called a Super Hub, or Smart Hub. Often an Internet Service Provider (ISP) will package that with a streaming TV service which includes the capability of recording TV channels and this will use the Hub to transmit by ethernet, or WiFi, to the TV.

Modem vs Router – What’s the difference?

So we have a device – a modem, that is connected to the internet by either a fibre-optic cable (eg VirginMedia), or DSL copper/fibre connection (eg OpenReach); it will almost always have a router with both WiFi and Ethernet ports included in it. The WiFi will normally offer two bands (wireless frequencies) at 2.4GHz and 5.0GHz. These two bands have different characteristics which are explained in the following video. [NB It’s important to note that Smart Devices mostly seem to prefer to operate on the 2.4Ghz band, so if you’re having difficulty connecting them, it might be prudent to check you have enable that band.]

2.4GHz vs 5GHz WiFi: What’s the difference?

Older WiFi devices will tend to use the 2.4GHz frequency and newer ones the 5GHz frequency. If you were experiencing poor WiFi on the 2.4GHz frequency it used to be recommended that you checked the channels that were being used in the neighbourhood and for you to change to a different one, usually 1 or 11 – the default is often 6. This is easily done by logging into your router (hub) and configuring a default channel.

However another possibility is to install a WiFi Extender. This device, as it suggests) accepts a WiFi signal from your WiFi Router (hub) and extends the signal to a part of the house where the signal is not so strong.

WiFi Extender (Booster) Explained

One of these devices may well suit your purposes and you may well be able to get one that has auto-sync that enables the network name (the Service Set Identifier or SSID) of your router to be used on the WiFi extender, but not always, and you may find yourself with two WiFi networks – one SSID for the router, another SSID for the extender, and you will have to choose your network depending upon the area of the house you are in and seamless roaming between the two will not be possible. Examples of WiFi Extenders (or Boosters) are listed here.

A different approach is to use the electric power circuits in your house to extend an ethernet network from the router (hub) to a power outlet on the same electric circuit. [NB This is the only configuration I’m happy to recommend. If you have more than one ring main, you may find that you don’t get good results when trying to connect between the two.] This technology is called Powerline and you can purchase devices that have both ethernet and WiFi capability. Again, look for ones that have auto-sync that will extend the SSID of the router to provide a single WiFi network. The video below explains how Powerline networking works.

Powerline Ethernet Networking Explained

One of our members (David Hughes) has recently installed this system, a TP-Link AV600 Powerline system which he is happy with. There are a couple of videos on that page which demonstrate how easy these new Powerline systems are to setup.

However, for some people (me included) the houses we live in are not well suited to any kind of WiFi (or ethernet) networking, and so Mesh wireless may be the solution. Interestingly most mesh systems use a dedicated 5GHz channel to let the devices “talk” to each other. In routing terms these are therefore tri-band routers. One example of a Mesh solution is the one offered by Google.

Mesh WiFi Explained

A popular Mesh solution is the one offered by BT

How to set up your Complete Wi-fi Disc

… whilst Renee Martin has recently installed a TP-Link Deco E4 Mesh WiFi system. However, not all mesh systems are alike; some appear to work seamlessly behind your router in Access mode, others like mine require you to switch your hub into modem mode so that the main mesh hub works in Router mode. For the TP-Link system the difference between Access Mode and Router Mode is described here.

Should you be considering a Mesh system here are a some reviews – here, here and here. My system is a Netgear Orbi RBK53 one and I’m including a few screen shots from the app that you use to manage the network to describe what it does.

You have a main hub device, connected to the internet through a modem (my VirginMedia SuperHub – configured to be in modem mode), it then has two satellite hubs, one connected by an ethernet cable to my office, the other using WiFi to the back of the house which provides a WiFi facility to the upstairs, kitchen and garden. [I have tried connecting it using Powerline but there doesn’t appear to be any benefit from doing so.]

The devices connected to the satellite hub in my office at the time I took a screenshot were …

The devices connected to the satellite in the back of the house (when this map was created) were …

There are then a number of devices also connected to the Main Hub with one port being used to connect the ethernet cable to the Orbi in the office, one port connecting to a switch behind the TV (to connect the TV, HiFi etc), one to Powerline (not being used currently), and of course one to the VirginMedia Hub.

Looking at the configuration of the Orbi in the Office, you can see that it has an IP Address which it has obtained from the Main Hub. All IP addresses within the home network will always start 192.168.1.xxx – the individual devices being recognised by unique MAC addresses which are held against the IP address in the hubs.

… so when you look at the router settings on the Main Hub you can see it’s IP address is 192.168.1.1

Looking at the internet port settings of the router you can see that it has an external IP address of 86.29.24.114. This is effectively the IP address of my house. I am extremely lucky that this IP address does not seem to change – a VirginMedia “bug”, or is it because my VirginMedia Superhub is now just a modem?? This then makes it possible for me to host a server on my network, because I have a quasi-static IP address. Normally the external device is dynamically set so that when there is a power outage you may find you have been given a different external IP address.

The other setting that is interesting is the DNS server. Your ISP will have setup your router to point at their server, but these servers will usually be based in the area that it provides service to. So, it is often a good idea to change the defaults to Cloudflare (1.1.1.1), or Google (8.8.4.4, or 8.8.8.8) because their servers are worldwide and so should provide quicker lookup of the directory. [NB what we’re talking about here is the translation of a friendly domain name eg google.com, to a set of four digits.] When your router is given a domain it has to look up it will look first at the the first one in your list; if it’s very busy, it will drop to the second, etc. So My router will look at Cloudflare first, then Google before dropping to VirginMedia.

That’s about it. I haven’t covered a number of topics that you might be interested in, eg

Understanding IP addresses and how they’re constructed
How a DNS Server (Domain Name System) works.
What is a Firewall?
VPN (Virtual Private Network) Explained

A few more refs. that you probably don’t need to know anything about:
Subnet mask explained
DHCP Explained – Dynamic Host Configuration Protocol
WiFi (Wireless) Password Security – WEP, WPA, WPA2, WPA3, WPS Explained

Posted on

Identity Theft

This will probably be one of the most challenging posts I’ve ever attempted to write because in all truth, I don’t think we really still know what actually happened to my daughter’s online identity, let alone wholly knowing how it happened, but I’m going to try and explain the sequence of events as an alert to you all, and a reminder to us too!

Some background and a plausible explanation of why they got themselves into the situation they found themselves.

They’d been self-employed for a short while now, working as a freelancer, and had just submitted their first tax returns in that capacity.

They were working from home, with two young children with one under six months old, and both very demanding of their time.

The family is living in another family member’s house whilst they “do up” their new house.

They’re adept at multi-tasking (obviously too adept as it turns out) and is (as many of their age are able to do) capable of nestling their phone between chin and shoulder whilst doing other tasks!

What happened next!

She had a phone call purporting to come from HMRC (we’re presuming this was just a fortuitous coincidence from the fraudster’s point of view – they had no way of knowing the employment status of the family member) – saying that they had a refund owing. As explained above she thought this was quite possibly the case as she had just completed a tax return – again an unhappy coincidence! She was told to click on a link in a text message to complete the process of getting the refund. She had their youngest child on her hip, was preparing a meal and was “distracted”. She filled-in the required information from the link!!!!

Agh! No!

Shortly afterwards (the same day) she presented her credit card at a supermarket and payment was refused. She realised something was wrong. She found she didn’t have access to her online banking. She contacted the bank by phone. The bank “supposedly” froze the account there and then but it was apparent that at least two transfers of money had been made to someone who was a Payee in her account – why? That’s the clever bit of the scam, I’ll explain later!

More payments appeared to have been made … help!!!

How could this be? The account was frozen … wasn’t it?

Get the family involved!

Having a son who’s an IT expert comes in useful, especially if he lives on the other side of the world! He worked through the night (day) in securing as many of her accounts as he could. Changing passwords, which were admittedly rather weak and used more than once (should have listened to Dad) – but he had no idea just how much data had been downloaded, or indeed just how much they had to start with as a result of perhaps a previous “pwned” event.

Having another local son who’s also very practical and logical helps also. He suggested that she contact the payee and tell them about the payment and request it be refunded. What transpired next turns out to be the “clever” part of the scam, although on this occasion it wasn’t conducted very expertly because they attempted multiple payments to the same payee. The payee confirmed that they’d had this payment, wondered what it was and had been a bit puzzled as to why Mr X had contacted them and requested a refund to a bank account because “he’d made a mistake”.

This was obviously NOT the same account as that from which the payment had originated and turned out to be the way the scammers were hoping to transfer funds from the hi-jacked bank account to one of their own! Fortunately, my son’s suggestion alerted the payee and the payee advised their bank NOT to transfer the money.

Phew! How did this all happen when the bank account was supposed to be frozen?

The key to this scam was getting control of my daughter’s mobile phone number. She didn’t realise it immediately, but soon became aware that it had been “stolen” through a scam called SIM swapping. This usually is done by a seemingly distressed person going into a mobile phone shop and pleading for a new SIM with a phone number “because their phone has been stolen” and “it’s absolutely imperative they have their number back immediately as there’s something very important happening right now”.  This is described here.

Why do they want to do this? Because they can transfer calls made to the rightful owner of the phone to their own phone.

Why do they want to do this? Because they can then request the bank account to be unfrozen, and also use their access to the phone number for any number of authorisation features.

And what is more they can lock you out of your phone accounts.

How did they do this in this case? Well GiffGaff is an online service provider and they have stated that they did everything they were supposed to do to authenticate the request for a SIM swap – but it is evident that there are serious weaknesses in their processes. They have stated they are looking at this for the future. Just Google “GiffGaff SIM swap Fraud” to see what is returned – it’s frightening!

So what happened next, and was there a happy ending?

Well, believe it or not, even with a personal visit to the bank and assurances that no more payments would be made, the bank did allow the account to be unfrozen and transfers out of her account were attempted. A second visit to the bank resulted in heartfelt apologies being made and offered over the way their fraud department had handled the problem and a complaint being raised by the branch against their own department on my daughter’s behalf – I don’t know the outcome of that!

Well, there was a happy financial outcome. Thanks to the prompt action and thinking of my local son, the initial transfer was halted. It’s not conclusive whether my daughter could have received compensation (as detailed here) as she was the instigator of the problem through her own mistake (the HMRC phone call). All other attempted transfers were eventually trapped by the bank and refunded to her – so no financial loss.

However …

Much more significant than the potential financial loss was what it did to her confidence. She insisted on getting a new phone, because she wouldn’t accept any advice from any family member (especially me) that there wasn’t anything on her phone that wouldn’t continue to monitor her.

She also lost all confidence in using any online systems – which up until then she’d been very reliant upon.

She also lost a lot of confidence in herself as she realised just how gullible (but extremely unfortunate) she’d been … but the positive side of this, and the main reason for sharing this is that she’ll be much more careful in the future!

Postscript.

We don’t know whether the identity theft side of this will ever be resolved. We all know that a huge amount of information is held on us on the internet. We all know that some websites have had their security breached and identity information stolen. We don’t know what was held by others about my daughter. She had a public profile, they now have the potential to add even more information to their database about her if they had managed to download information from her email (and other) accounts before my son locked them down. We just don’t know.

There was a mysterious book that arrived at her house with a cryptic message in it.

There have been some scamming emails purporting to come from her since this event.

She now uses a different email account.

We just don’t know whether these are connected to the fraud event or are just strange random occurrences … and I suppose we never will know just how much additional information they may have downloaded – emails, photographs, documents, etc. etc. Very frightening.

NatWest Guide to Fraud
Some privacy tips for iPhone users.