XBox Live via an OpenWRT router

One of the concerning requests of Xbox Live connectivity, is to enable UPnP or ‘Universal Plug and Play’ on your home router.

The UPnP protocol has a long standing history of security problems, not the least of which being that it allows unauthenticated devices to connect to and through your home network. In the past, I have advocated for this to be switched off by default in consumer grade routers and I explain the UPnP threat in another post.

Getting back on track, my security conscious view for our home network does nothing for a teenage boy who received an Xbox Live subscription for his birthday and, while some aspects of the Live subscription work, others – such as game sharing will fail. With this in mind, we need to setup port forwarding, rather than implement UPnP, to connect said teenager to his gaming buddies and keep our network free of the risks introduced by enabling UPnP.

Continue reading “XBox Live via an OpenWRT router”

UPnP – Why I don’t allow it on my Home Network

The UPnP protocol has a long standing history of security problems, not the least of which being that it allows unauthenticated devices to connect to and through your home network.

TLDR; UPnP is a flawed protocol which has been leveraged numerous times to conduct widespread attacks via large numbers of insecure devices. Do not enable UPnP on your network. Or do, but understand the potential consequences of your decision.

The rest of what follows is a rant/opinion/soapbox based on a number of years of experience in the real world of IT Security and Risk Analysis, and the cumulative research on the subject that goes with such. Continue reading “UPnP – Why I don’t allow it on my Home Network”

Kicking off with Koha

Koha is a fully featured, scalable library management system.

Koha LogoSo, I thought I’d set up Koha on a virtual machine to have a bit of a play, and maybe use it to manage our library at home.

Create the virtual machine

I’m using VirtualBox as my VM manager, so – first off we create a new machine, give it a name and set the type to ‘Linux, Debian (64-bit)’ as Koha is most often deployed on Debian servers.

The default settings (512MB RAM, 1 Processor, 8GB HDD) are fine, and we will set the network card to be a bridged adapter (which will give it its own IP address on our local network). For now so all that remains is to point the CD to the latest Debian installation image. I am using the network install as this machine will only be built with what Koha needs and thus I don’t need to pull down local copies of a bunch of things we won’t install. So, let’s start the VM and get on with the installation.

Continue reading “Kicking off with Koha”