Building A (Serious) Home Network From Scratch
Casey Lang-Vie writes "THG are running an article that outlines how to build a home network from scratch. I wish I'd read this before I attempted - now I have a few (ok, 8) unsightly holes in my wall." This is the type of network that encourages home ownership rather than rental.
Just a thought...
Remember to follow spec when making your own network cables. Running the wires straight through will cause issues (signal interference). You must have pins 3 and 6 on the same twisted pair, otherwise, the cables won't work after 30 feet or so...
If I had done it correctly, I could have saved 2 trips to the store, and lots of headaches.
And if you don't give a rat's ass about Internet Free Speech, boycott Tom's Hardware because they suck. Articles are spread across too many pages simply to create ad revenue, articles are poorly written and researched, the editors often seem to take a cue from Slashdot, and to top it all off THG is hardly impartial. If you want good hardware coverage, get it somewhere else.
It is trivial to sniff your non-encrypted packets and determine the subnet you are using (or at least the IP address of your machines and gateway).
Why not use WEP? It doesn't cost anything. Also turn on MAC filtering and turn off SSID broadcasts.
Then you can claim to have a reasonably secure environment. (As far as consumer wireless stuff goes.)
Another idea for a home network is to run special cable rather than separate phone, ethernet, and coaxial.
It is bundled Cat5, telephone, and coaxial, and comes in a tight package not much larger than heavily shielded (RJ-6 coax?).
You can easily run central distribution of phones, video on demand, networking...etc...
Kill 3 birds with one stone....
Actually, no- it's not required in-wall. The only case where plenum is required is in air ducts, hence the name, plenum cable. Want to guess why? PVC gives off extremely toxic fumes when it burns. Plenum is a little more fire resistant, and a little less toxic.
Try googling around, you'll find what I found:
"Plenum Cable: A cable with flammability and smoke characteristics that meet the safety requirements of the National Electrical Code® (NEC®) that allow it to be routed in a plenum area without being enclosed in a conduit. See plenum."
Regular CAT in a fire can act like a fuse, moving the fire from one part of the house to another inside the walls.
This is bullshit. It's not a "fuse", but regardless- plenum would eventually do the same thing- it's a little more fire-resistant than PVC, but it'll still burn.
Please help metamoderate.
I skimmed over the article and kinda looked bewildered when I saw that rack monster. From the look of this it kinda takes the 'new' this old house stance instead of the 'old' this old house stance. That is to say, looks like they are doing new construction as opposed to a geeky retrofit.
Knowing your house plan is important as well as plan plan planning.
With DSL you have a bit of room to play. If possible (and environment permitting) I like to tap the phone line right where it comes into the house (usually the basement). Setting a nice shelf on the wall for your modem and (mandatory) router. A small 12" patch panel (larger if you want to do a phone retrofit). With Cable you are sometimes more tied to where the cable comes in, and that's not always the basement.
But planning is the key. Find where you want to be the heart of the network and try to run stuff there. If possible split the incoming broadband only once before the downlink device (modem).
Now comes the big question mark that hangs over most people's heads.. how do I do the jacks? Most people are just plain not familiar with the products in this category. There are several manufacturers of this stuff I have experience with, and I happen to like the Panduit mini-com line of products. Most of the vendors have similar competing products. These jacks are not cheap. Try not to skimp and use low quality product. These are modular jacks that snap into not only the patch panel but also wall units that mount into standard electrical boxes (use the blue plastic ones please.. don't slice your data lines). The jacks are color coded and then snap together. You (almost) can't mess it up.
Now nearly all of your do-it-yourself people will not have a proper TDR (time domain reflectometer) to do exhaustive testing with. If you buy one of those 15 buck line continuity testers and if you use the (nearly) mistake proof jacks, you will probably be just fine for your updated geek home of tomorrow.
PS. Just because I like to my self I recommend that you run 2 lines if you are going to run one. The cable is cheap and you are already committed to the effort of running it.
PPS I'll leave the cable choice discussions up to other threads and the article. But if possible, match your jacks to the type of cable you choose.
I've also done thin-net installations, I can answer a few questions there if someone is a masochist:)
Well I have a nice home network that consists of copper strung through the walls. And if you want a professional looking job here are some tips and tricks to use:
- First place to check is your basement. Older homes might have had duct work for forced air heating but since switched to steam/hot water. I have helped my friend wire his whole house using the old ducts as pathways for running the cable.
- If you want to run cable through the walls, the outer walls of your home are filled with insulation, thus making it near impossible to pull cable. The next best walls are walls inside your home where both sides of the walls are inside your home. They are hollow and can easily have cable pulled through them.
- Closets are your friend as you can drill holes in them without having to worry about people seeing them. I have a cable that runs from my basement to the second floor closet through a hollow inner wall and then through the closet floor into the ceiling into the attic where I pulled the wire along to another room and drilled down through its closet to run the cable.
- If you want to know where studs are inside the walls of your home, the standard spacing is 16 inches from the nearest corner. Most any tape measure will have 16 inch markings for stud locations. But be aware this method isn't always 100% as sometimes they might be as much as 2 inches off.
- Attics are also another great place to run cable. Locate the room below you want to run cable to and drill from the attic to that room's closet if it has one to conceal the cable.
- Most homes have a molding around the floor. You can remove it with a pry bar without damaging it and cut holes into the sheet rock or plaster and run wire through them. Replace the molding to cover up the hole. Always remember to not make the hole higher than the molding, otherwise you just made a mess. This is a good way to get cable from one room to adjacent room/closet.
- If you do have forced air heating/cooling you can run cable inside the ducts. If you do decide to do this make sure you use plenum rated cable to stay compliant with local/national building codes.
- Buying cable can sometimes be a problem as you do not know what type or brand to buy. There are two basic cable types: regular jackets, which will most likely be PVC, or plenum rated. Plenum cable is designed to give off little or no toxic smoke when burned. This is used inside buildings that use the space inside a drop ceiling as an air duct as well. Also if you plan to run the cable inside an air duct you must use plenum cable to comply with national building codes. So if it's just the inside of your home walls the cheap PVC is fine. Also don't go overboard and buy expensive Belden cat 5e stuff. I bought a roll and found it difficult to work with when it came to making patch cables. The crap they sell at the Home Depot is just fine and works good even for gigabit.
These are good ways to conceal cable and do it the same way an electrical contractor would. Some of you might be a little nervous knocking a hole on a wall or ripping up floor boards but if you want to do it yourself and save big bucks you certainly can. I have personally run over 500ft of cat5 in my home to 10 different computers in 5 different rooms in my home. And if you ever saw the work you would think a contractor did it.
Not to mention the previous THG scandals. Vans, Q3test benchmarks, "nVIDIA approved testing" graphic, TNT2 vs. Voodoo 3 (THG refrained from reviewing the Voodoo5 btw)... The list goes on.
THG is visited religiously and exclusively by many computer enthusiasts, though if they cared to venture out beyond THG they'd find out that Mr. Pabst's establishment is and has been very controversial, to say the least.
Cat 5e is more durable than cat 6? What, exactly, do you mean by this? In the long haul, a Cat 6 solution is cheaper. "'The benefits of category 6 vs. category 5e are eye-opening,' says Brian Celella, a lead electrical engineer for The Siemon Company and an active member of the TR-42 committee. 'For small additional investment, you can have a cabling infrastructure that will deliver significantly higher bandwidth and system performance. When weighed against the time end-users wait for processing or downloads - real productivity time - a category 6 system is actually less expensive than a category 5e system.'"
I say run cat 6. Not only do you get more performance, but with all the interference generated in the home (office, school, anywhere), you'd benefit from the tighter twists in cat 6 as opposed to cat 5e.
"`Ford, you're turning into a penguin. Stop it.'" -Douglas Adams, THHGTTG
I don't run WEP, but secure my network by changing the default ip address of my router and disabling DHCP. So you have to know the correct subnet to use to get on my network and assign your own ip address.
You're not "securing" your network by changing the address and disabling DHCP. You're making an attacker take an additional few seconds before jumping on your network. Sniffing your network for a few minutes will reveal what address range should be used.
A better solution:
1) disable SSID broadcasting. Note that this is simply a "good" thing to do-- SSIDs can still be sniffed in normal traffic.
2) Use MAC filtering-- i.e. set your access point to only allow the mac addresses for the cards you have. This helps, but does *not* prevent others from stealing your mac for access.
3) Use the lame WEP
4) Use a VPN. Have your wireless in your DMZ (behind a firewall) and in front of another one. Have the internal firewall allow through the port(s) required for your laptops to authenticate to your internal VPN server.
You can use IPSEC, CIPE, OpenVPN, vtun, or even PPP over SSH (not recommended). I personally like OpenVPN, although there is no Windows client at the moment (there is for IPSEC and CIPE though).
Configure your externally facing firewall to NOT allow packets out from your wireless-- instead those packets need to come from your VPN server.
If somebody gets access to your wireless network they then cannot access the internet nor can they access your home network.
Running something like arpwatch looking for new MAC addresses is a nice thing as well, but if you're using mac address filtering it should be impossible for any other mac to authenticate on your network anyway.
-- I speak only for myself.
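The arpwatch suggestion in the comment above, sketched as an added example that is not part of the thread and is not arpwatch's own code: a small tracker of IP-to-MAC pairings that also flags an allowed MAC turning up on a second address, which is what a cloned MAC that passes the access point's filter can look like. The allowlist, addresses and observation lines are constructed for illustration.

```python
# Added example: a simplified arpwatch-style tracker, not arpwatch's own code.
# All addresses below are constructed for illustration.
ALLOWED_MACS = {"00:0c:41:aa:bb:01", "00:0c:41:aa:bb:02"}  # assumed AP filter list

# Constructed observations: time, IP, MAC as seen in ARP traffic on the wireless segment.
SAMPLE = """\
20:00:01 192.168.50.10 00:0c:41:aa:bb:01
20:00:05 192.168.50.11 00:0c:41:aa:bb:02
20:03:10 192.168.50.10 00:0C:41:AA:BB:01
20:07:42 192.168.50.23 00:0c:41:aa:bb:02
20:09:15 192.168.50.30 00:02:2d:11:22:33
20:11:00 192.168.50.10 00:02:2d:11:22:33
"""


def parse(text):
    """Yield (time, ip, mac) tuples, normalising MAC case and skipping bad lines."""
    for raw in text.splitlines():
        parts = raw.split()
        if len(parts) == 3:
            yield parts[0], parts[1], parts[2].lower()


def monitor(text, allowed=ALLOWED_MACS):
    """Return alerts as (time, kind, ip, mac) for pairings that deserve a look."""
    ip_to_mac, seen_macs, alerts = {}, set(), []
    for ts, ip, mac in parse(text):
        if mac not in allowed:
            # Should not happen if the AP filter works; worth knowing if it does.
            alerts.append((ts, "unlisted-mac", ip, mac))
        known = ip_to_mac.get(ip)
        if known is None and mac in seen_macs:
            # An allowed MAC on a second address: re-addressed host or a cloned MAC.
            alerts.append((ts, "mac-on-second-ip", ip, mac))
        elif known is None:
            alerts.append((ts, "new-station", ip, mac))
        elif known != mac:
            # The address is now claimed by different hardware.
            alerts.append((ts, "changed-mac", ip, mac))
        ip_to_mac[ip] = mac
        seen_macs.add(mac)
    return alerts


if __name__ == "__main__":
    for alert in monitor(SAMPLE):
        print(*alert)
```

The first sighting of each legitimate card is reported as `new-station`, so the early alerts are the baseline; the later ones are the pairings to investigate.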