TIP: Click on subject to list as thread! ANSI
echo: ipv6
to: Jay Harris
from: Alexey Vissarionov
date: 2021-10-23 11:00:00
subject: A small questionary on IS
Good ${greeting_time}, Jay!

22 Oct 2021 17:22:06, you wrote to Michiel van der Vlist:

 Mv>> Very odd. A normal reboot would not do that, only a factoy reset.
 Mv>> ISPs can initiate both, and a reboot is not all that strange, but
 Mv>> a factory reset would not normally be done by an ISP.
 JH> My Mom has a fiber-to-the-house connection with symmetrical gigabit
 JH> speeds at her house (which isn't available here, and I'm totally not
 JH> jealous) from her local power company.
 JH> The box they provide her (which is also her wifi router) "factory
 JH> resets" every time there is a power outage. When she first got the
 JH> connection she was using the default wifi SSID which was a prefix
 JH> and the mac-address of the router, along with a super long and
 JH> complicated password.

And, most likely, WPS turned on. If that's the case, it's very dangerous.

 JH> I made it more simple for them by making the wifi name more personal
 JH> to them and giving them a memorable passphrase instead of that
 JH> complicated password, sure enough the next time the power went out it
 JH> reverted back to factory settings. "No big deal" I thought, I just
 JH> set their box to bridge mode and added my own wifi box and set her up
 JH> that way.

When you need a bridge, you may like to use a simple media converter. https://www.aliexpress.com/item/1005001709518778.html could be a good start (requires the SFP module complimentary to those your ISP uses). Small combo switch is also ok if you know how to configure 802.1q VLANs there.

Once you have the link, set up the hardware you'd use as a server / router / whatever. Inexpensive RPi4 with 4 or 8 Gb RAM would be a wise choise for the nearest 5...10 years.

If you need WiFi, you may buy a cheap Ralink RT5370 dongle and use hostapd:

% cat /etc/hostapd/hostapd.conf
interface=wlan0
driver=nl80211
bridge=wifi
logger_syslog=-1
logger_syslog_level=2
logger_stdout=-1
logger_stdout_level=1
ctrl_interface_group=wheel
country_code=RU
hw_mode=g
channel=11
beacon_int=100
dtim_period=2
max_num_sta=255
rts_threshold=-1
fragm_threshold=-1
macaddr_acl=0
auth_algs=1
ignore_broadcast_ssid=0
wmm_enabled=0
eapol_key_index_workaround=0
eap_server=0
wps_state=0
ssid=Muzenirres
wpa=2
wpa_pairwise=CCMP
wpa_passphrase=ds4tN3oxUzku61WD

(obviously enough, ssid and wpa_passphrase were just generated - first as a pronounceable word, second as a pure 96-bit entropy wrapped in base64).


--
Alexey V. Vissarionov aka Gremlin from Kremlin
gremlin.ru!gremlin; +vii-cmiii-ccxxix-lxxix-xlii

... :wq!
--- /bin/vi
* Origin: ::1 (2:5020/545)
SOURCE: echomail via QWK@pharcyde.org

Email questions or comments to sysop@ipingthereforeiam.com
All parts of this website painstakingly hand-crafted in the U.S.A.!
IPTIA BBS/MUD/Terminal/Game Server List, © 2025 IPTIA Consulting™.