[Start of recorded material 00:00:00]
Phil Brown: Hi, it’s Phil Brown and I’m here with David Whelan. And today we’re going to talk about routers and modems.
David Whelan: The hardware that connects you to the internet is probably something that you have setup and forgotten about is probably gathering dust. But it’s worth knowing what you have between you and the internet. In part, because it helps you to understand how you’re connecting but also where you might have some things you need to be thinking about in order to protect your law firm from access from the internet.
Phil Brown: And most of the at least home systems these days combine routers and modems in single device but let’s just talk a bit for a second about the distinction between a modem and a router.
David Whelan: Right. The modem is the communication device. In the good old days, you always hear the little [making modem connecting sounds] in the background when it connected and that’s still going on, you just don’t hear it any longer. You can connect your computer directly into your modem and connect to the internet and be perfectly fine. In fact, that’s what a lot of people do when they use a rocket stick or something like that. It’s really just a data connection over the wireless network into the internet.
Phil Brown: And it’s connecting you to your internet service provider. That’s what’s on the other end.
David Whelan: Right. There should be a wire coming out of your wall, it could be your phone line. It could be your cable connection and that connects into your modem. And that modem then provides access to whatever you connect to it.
And that’s where the router comes in because the router is the network component inside your office or inside your home that allows you to connect lots of other devices. Your printers, your tablets, your laptops, your desktops can all connect to other wires that then connect into the router. And the router then helps your information go backwards and forwards.
Phil Brown: Right. So the router is that networking device within your home network or your business network.
David Whelan: Right because the router does exactly what it says it does, it routes information. When you send a picture or a document across a network whether you’re sending it to a printer inside your office or you’re sending an email to someone in a court, that information is being broken up into little chunks called packets. And all the packets are exactly the same size.
So depending on how big the file you’re sending, you may be sending more or fewer packets but you’re still sending all these packets. And each of those packets has to go from your computer to the other computer. And the only way it can do it is by going through a router. A router on your network that then sends it out to another router out onto the internet.
And over many, many other routers until it gets to its destination. And all of your packets won’t necessarily go to the same routers but they’ll start with yours. So you need to have a router on your network in order to help you to send and then also to receive information.
Phil Brown: And routers do a lot of different things in terms of timing and determining what order to send things in and what to accept as well.
David Whelan: Exactly. The router is a smart device. It’s not just a piece of plastic that receives calls or sends calls. And the modem isn’t either. I think one of interesting things for lawyers is that both of these devices will have a web interface on them so that you can plug your laptop or you can plug your computer into your modem, you can plug it into your router.
And there will be instructions on how you can access this hopefully password protected interface which allows you to then configure the software that is running and it’s called firmware but the software that’s running on these devices.
Phil Brown: We have talked in other podcasts about setting things up and hopefully the first thing everyone does with their business router, modem and their home network as well is to change their passwords and change the administrative sign in so that other people can’t log into that device.
David Whelan: If you haven’t done that, then just Google the name of your router or the name of your modem and admin password and it will tell you what the admin password is for your device and you can go ahead and change that. But you really should change that. There’s some other nice features on routers in particular, less so on modems. Although if they’re combined, then you do get all the features together.
But there are things like you can control the time of day that the router emphasizes certain kinds of traffic over others. This is really useful in a home for example if you have kids or something who are playing games that may be dragging down on your ability to do your work.
You can actually say, “I only want this kind of traffic to be allowed or to be emphasized over this period. And I want this other kind of traffic to be throttled.” So you can really do some interesting controls to make sure that the hardware is tuned to how you do your work.
Phil Brown: And again as you said, there’s an interface for your web browser, your router or modem has a distinct and unique IP address or a MAC address that you would put into a browser that usually start 192 or 196 or something like that. You sign into that device, you put in your password and the admin ID and then you can get into a number of different functions that you can adjust yourself.
David Whelan: Right. The trick you have to – or the thing you have to keep in mind really is that if it’s connected to the internet so that you can get out to the internet whether it’s your modem or it’s your router, that means that someone on the outside can get back into those devices as well unless you’ve secured them because anything that’s connected to the internet is going to have a two-way connection.
So that’s why it’s really important to get in there and to at first just put that very, very basic protection on there. But then again, to really think about what else can I control in there. Do I want to limit by as you say the MAC address and MAC not meaning Macintosh computers but it’s a media access controls is what MAC stands for. And so it allows you to say, “I only want devices with these MACs to use this network.”
So one of my favourite stories about wireless and other networks is you could go to a police department in Chesapeake in Maryland. And there’d be cars parked out in the front of the cops. And it was people who’d gone to the coffee shop next door and got their coffee and then got back in their cars but the police had not secured their wireless.
So they get their coffee, they go sit in their cars and they’d use the free Wi-Fi through the coffee shop because the police hadn’t bothered to secure – they probably secured the actual access points so you couldn’t get into make changes to the device. But they hadn’t actually protected who could use that network.
Phil Brown: And you’ll often see that if you’re looking at a network outside. You’ll see the name of the network and then there might be three or four other networks some of which will have that little lock beside them indicating that they’re secure or at least partially secure and some are wide open.
David Whelan: Right. An interesting thing has happened recently where there are some – there have always been hackers who have gone out and tried to attack routers because if you can take control of the router, then you can take control of all the information that passes through it.
So if you think for example about how you connect to your bank and you log into a secure portal on your bank and you’re sending information, that information is travelling through your router. So it’s anybody who can watch what’s going on on your router can also access that information.
So the hackers have been very good about getting in and leaving software on routers that are unprotected, routers that are old and there have been counter groups coming out and attacking routers to patch them, to fix them so that routers that have been left unattended are being proactively approved by so called white hackers. I don’t think you want to be in the case where you have anybody messing around on your modem or your router.
Phil Brown: No. And we’ve talked before about these devices having a limited life span. And one of the reasons they have a limited lifespan is because a number of the components are made by various third parties and the firmware itself, which you’ve briefly mentioned has not been updated and made more secure. But there’s a few fixes for that.
David Whelan: Yes. If you buy enterprise or business level hardware like Cisco, then you’re usually going to be in a position where you can get your hardware upgraded on a regular basis. Patches will come out for the software, things like that.
If you’re buying a router or a modem from Best Buy or if you’re even getting it from your ISP, there’s a really good chance that when it came out, that was the last time anybody thought about it and it hasn’t been updated. The software on it hasn’t been updated and no one is watching to see whether your device is actually – is working as fast as it could, as secure as it could and all that.
So if you’re buying consumer grade products, the best thing to do is plan after about a year or so to just throw it away and get another one. But if you have the opportunity and you should check before you throw it in the trash, see if you can upgrade your firmware and the first best choice really is to find out if I’ve got a Linksys router or I’ve got a SpeedTel modem, do those companies themselves have firmware that I can download and apply and it’s pretty easy. You download, you log into your web interface on the device and you tell it where to find the downloaded file and it will take care of the rest of it.
Phil Brown: And then there are a number of sort of open source firmware available for Linksys and for some of the other well-known devices like DDWRT is one, Tomato is another, Gargoyle is another. And they’re either freeware or partially freeware and they enable you to update that firmware and do a number of things that you might not be able to do with the firmware that the device comes with.
David Whelan: Yes, I use DDWRT in part because I think it’s got benefit beyond the firmware that came with my Linksys router. But as you say, what it does is it extends the capability of the software or the firmware that’s on your device.
So if you get to the point where you’ve got a device that is no longer being supported by Linksys or whatever the company is who sold it or made it, you can look to see if you can use Tomato or Gargoyle or DDWRT on your router and that will extend the life of it and it will also give you access to a community that is updating that software and is looking for the security holes and the efficiency holes that otherwise might not appear.
Phil Brown: That’s our brief look at routers and modems. Thanks, David.
[End of recorded material 00:10:49]