://allthings-bare

bare_zero516

bare_zero516

Source: Uploaded by user via Bernard on Pinterest

bare_zero516

Your Wi-Fi network is your conveniently wireless gateway to the internet, and since you're not keen on sharing your connection with any old hooligan who happens to be walking past your home, you secure your network with a password, right? Knowing, as you might, how easy it is to crack a WEP password, you probably secure your network using the more bulletproof WPA security protocol.

Here's the bad news: A new, free, open-source tool called Reaver exploits a security hole in wireless routers and can crack most routers' current passwords with relative ease. Here's how to crack a WPA or WPA2 password, step by step, with Reaver—and how to protect your network against Reaver attacks.

In the first section of this post, I'll walk through the steps required to crack a WPA password using Reaver. You can follow along with either the video or the text below. After that, I'll explain how Reaver works, and what you can do to protect your network against Reaver attacks.

First, a quick note: As we remind often remind readers when we discuss topics that appear potentially malicious: Knowledge is power, but power doesn't mean you should be a jerk, or do anything illegal. Knowing how to pick a lock doesn't make you a thief. Consider this post educational, or a proof-of-concept intellectual exercise. The more you know, the better you can protect yourself.

What You'll Need

You don't have to be a networking wizard to use Reaver, the command-line tool that does the heavy lifting, and if you've got a blank DVD, a computer with compatible Wi-Fi, and a few hours on your hands, you've got basically all you'll need. There are a number of ways you could set up Reaver, but here are the specific requirements for this guide:

The BackTrack 5 Live DVD. BackTrack is a bootable Linux distribution that's filled to the brim with network testing tools, and while it's not strictly required to use Reaver, it's the easiest approach for most users. Download the Live DVD from BackTrack's download page and burn it to a DVD. You can alternately download a virtual machine image if you're using VMWare, but if you don't know what VMWare is, just stick with the Live DVD. As of this writing, that means you should select BackTrack 5 R1 from the Release drop-down, select Gnome, 32- or 64-bit depending on your CPU (if you don't know which you have, 32 is a safe bet), ISO for image, and then download the ISO.

A computer with Wi-Fi and a DVD drive. BackTrack will work with the wireless card on most laptops, so chances are your laptop will work fine. However, BackTrack doesn't have a full compatibility list, so no guarantees. You'll also need a DVD drive, since that's how you'll boot into BackTrack. I used a six-year-old MacBook Pro.

A nearby WPA-secured Wi-Fi network. Technically, it will need to be a network using WPA security with the WPS feature enabled. I'll explain in more detail in the "How Reaver Works" section how WPS creates the security hole that makes WPA cracking possible.

A little patience. This is a 4-step process, and while it's not terribly difficult to crack a WPA password with Reaver, it's a brute-force attack, which means your computer will be testing a number of different combinations of cracks on your router before it finds the right one. When I tested it, Reaver took roughly 2.5 hours to successfully crack my password. The Reaver home page suggests it can take anywhere from 4-10 hours. Your mileage may vary.

Let's Get Crackin'

At this point you should have BackTrack burned to a DVD, and you should have your laptop handy.

Step 1: Boot into BackTrack

To boot into BackTrack, just put the DVD in your drive and boot your machine from the disc. (Google around if you don't know anything about live CDs/DVDs and need help with this part.) During the boot process, BackTrack will prompt you to to choose the boot mode. Select "BackTrack Text - Default Boot Text Mode" and press Enter.

Eventually BackTrack will boot to a command line prompt. When you've reached the prompt, type startx and press Enter. BackTrack will boot into its graphical interface.

Step 2: Install Reaver

Reaver has been added to the bleeding edge version of BackTrack, but it's not yet incorporated with the live DVD, so as of this writing, you need to install Reaver before proceeding. (Eventually, Reaver will simply be incorporated with BackTrack by default.) To install Reaver, you'll first need to connect to a Wi-Fi network that you have the password to.

Click Applications > Internet > Wicd Network Manager

Select your network and click Connect, enter your password if necessary, click OK, and then click Connect a second time.

Now that you're online, let's install Reaver. Click the Terminal button in the menu bar (or click Applications > Accessories > Terminal). At the prompt, type:
apt-get update
And then, after the update completes:
apt-get install reaver
If all went well, Reaver should now be installed. It may seem a little lame that you need to connect to a network to do this, but it will remain installed until you reboot your computer. At this point, go ahead and disconnect from the network by opening Wicd Network Manager again and clicking Disconnect. (You may not strictly need to do this. I did just because it felt like I was somehow cheating if I were already connected to a network.)

Step 3: Gather Your Device Information, Prep Your Crackin'

In order to use Reaver, you need to get your wireless card's interface name, the BSSID of the router you're attempting to crack (the BSSID is a unique series of letters and numbers that identifies a router), and you need to make sure your wireless card is in monitor mode. So let's do all that.

Find your wireless card: Inside Terminal, type:
iwconfig
Press Enter. You should see a wireless device in the subsequent list. Most likely, it'll be named wlan0, but if you have more than one wireless card, or a more unusual networking setup, it may be named something different.

Put your wireless card into monitor mode: Assuming your wireless card's interface name is wlan0, execute the following command to put your wireless card into monitor mode:
airmon-ng start wlan0
This command will output the name of monitor mode interface, which you'll also want to make note of. Most likely, it'll be mon0, like in the screenshot below. Make note of that.

Find the BSSID of the router you want to crack: Lastly, you need to get the unique identifier of the router you're attempting to crack so that you can point Reaver in the right direction. To do this, execute the following command:
airodump-ng wlan0
You'll see a list of the wireless networks in range—it'll look something like the screenshot below:

When you see the network you want, press Ctrl+C to stop the list from refreshing, then copy that network's BSSID (it's the series of letters, numbers, and colons on the far left). The network should have WPA or WPA2 listed under the ENC column. (If it's WEP, use our previous guide to cracking WEP passwords.)

Now, with the BSSID and monitor interface name in hand, you've got everything you need to start up Reaver.

Step 4: Crack a Network's WPA Password with Reaver

Now execute the following command in the Terminal, replacing bssid and moninterface with the BSSID and monitor interface and you copied down above:
reaver -i moninterface -b bssid -vv
For example, if your monitor interface was mon0 like mine, and your BSSID was 8D:AE:9D:65:1F:B2 (a BSSID I just made up), your command would look like:
reaver -i mon0 -b 8D:AE:9D:65:1F:B2 -vv
Press Enter, sit back, and let Reaver work its disturbing magic. Reaver will now try a series of PINs on the router in a brute force attack, one after another. This will take a while. In my successful test, Reaver took 2 hours and 30 minutes to crack the network and deliver me with the correct password. As mentioned above, the Reaver documentation says it can take between 4 and 10 hours, so it could take more or less time than I experienced, depending. When Reaver's cracking has completed, it'll look like this:

A few important factors to consider: Reaver worked exactly as advertised in my test, but it won't necessarily work on all routers (see more below). Also, the router your cracking needs to have a relatively strong signal, so if you're hardly in range of a router, you'll likely experience problems, and Reaver may not work. Throughout the process, Reaver would sometimes experience a timeout, sometimes get locked in a loop trying the same PIN repeatedly, and so on. I just let it keep on running, and kept it close to the router, and eventually it worked its way through.

Also of note, you can also pause your progress at any time by pressing Ctrl+C while Reaver is running. This will quit the process, but Reaver will save any progress so that next time you run the command, you can pick up where you left off-as long as you don't shut down your computer (which, if you're running off a live DVD, will reset everything).

How Reaver Works

Now that you've seen how to use Reaver, let's take a quick overview of how Reaver works. The tool takes advantage of a vulnerability in something called Wi-Fi Protected Setup, or WPS. It's a feature that exists on many routers, intended to provide an easy setup process, and it's tied to a PIN that's hard-coded into the device. Reaver exploits a flaw in these PINs; the result is that, with enough time, it can reveal your WPA or WPA2 password.

Read more details about the vulnerability at Sean Gallagher's excellent post on Ars Technica.

How to Protect Yourself Against Reaver Attacks

Since the vulnerability lies in the implementation of WPS, your network should be safe if you can simply turn off WPS (or, even better, if your router doesn't support it in the first place). Unfortunately, as Gallagher points out as Ars, even with WPS manually turned off through his router's settings, Reaver was still able to crack his password.

In a phone conversation, Craig Heffner said that the inability to shut this vulnerability down is widespread. He and others have found it to occur with every Linksys and Cisco Valet wireless access point they've tested. "On all of the Linksys routers, you cannot manually disable WPS," he said. While the Web interface has a radio button that allegedly turns off WPS configuration, "it's still on and still vulnerable.

So that's kind of a bummer. You may still want to try disabling WPS on your router if you can, and test it against Reaver to see if it helps.

You could also set up MAC address filtering on your router (which only allows specifically whitelisted devices to connect to your network), but a sufficiently savvy hacker could detect the MAC address of a whitelisted device and use MAC address spoofing to imitate that computer.

Double bummer. So what will work?

I have the open-source router firmware DD-WRT installed on my router and I was unable to use Reaver to crack its password. As it turns out, DD-WRT does not support WPS, so there's yet another reason to love the free router-booster. If that's got you interested in DD-WRT, check their supported devices list to see if your router's supported. It's a good security upgrade, and DD-WRT can also do cool things like monitor your internet usage, set up a network hard drive, act as a whole-house ad blocker, boost the range of your Wi-Fi network, and more. It essentially turns your $60 router into a $600 router.

Further Reading

Thanks to this post on Mauris Tech Blog for a very straightforward starting point for using Reaver. If you're interested in reading more, see:

Ars Technia's hands on

This Linux-centric guide from Null Byte

The Reaver product page (it's also available in a point-and-click friendly commercial version.

Reddit user jagermo (who I also spoke with briefly while researching Reaver) has created a public spreadsheat intended to build a list of vulnerable devices so you can check to see if your router is susceptible to a Reaver crack.

Have any experience of your own using Reaver? Other comments or concerns? Let's har it in the comments.

via lifehacker.com

Posted via email from ://allthings-bare

bare_zero516

via lifehacker.com

If you're a user of the popular Steam gaming platform, you've likely heard about the hack that potentially compromised passwords and credit card information. Although much of the damage has been done, but there are still things you can do to protect yourself. Here's a look at your options moving forward.

Change Your Passwords

Full size
Perhaps you use a good, strong, unique password on your steam account and, despite being stolen in the hack, it still remains safe and encoded. You may not be so lucky if you have a weak password. Either way, now is a good time to change it if you haven't already. When you're choosing a new password, it helps to know what the pros look for when they try to guess and methods hackers use to crack them so you can avoid falling into those traps. There are also a few good practices to follow. The most secure password is often one you don't even know. If you'd prefer something memorable, however, a multi-word password is generally considered to be among the most secure types. When you've come up with a password you like, be sure to test it so you know you didn't come up with one that's easy to guess or hack. Change it on your Steam account and you'll be in better shape.
Change Your Email Password, Too

If you're feeling a little worried, one thing worth noting is that Steam pays attention to when you access it from new computers. You have to enter a new code each time that is delivered via email, so even if your password was compromised the person trying to use it would also need access to your email account. It's best to have unique passwords for all your accounts, but if you've been using the same password this might be a good time to change. At the very least, make sure your email password doesn't match the one you use for any other service.

Monitor Your Credit and Debit Cards

Full size
It is still unclear whether or not any credit cards associated with Steam accounts were actually compromised, but you're going to want to keep a close eye on your statements to make sure there are no fraudulent charges. You may also want to call your bank and see what they suggest you do in this situation. They'll likely err on the side of security and suggest a replacement card with a new number. This can be a little inconvenient as it means being without your card for awhile, but if you go into one of your bank's branches you can usually get a temporary ATM card so you'll at least have easy access to your money.
Additionally, one of the best ways to protect yourself in the future is to use virtual credit cards. These virtual numbers often allow you to set specific spending limits so that if they're stolen your risk is minimized. Usually you can also specify timeframes and set them as single-use cards so you don't get any surprise charges. This is one of the best ways to protect yourself from credit card fraud when paying online, but it does require a bit of upkeep when it comes to recurring payments.

via lifehacker.com

Posted via email from ://allthings-bare

bare_zero516

Firefox: Firesheep sniffs out and steals cookies—and the account and identity of the owner in the process—of popular web sites (like Facebook and Twitter) from the browsing sessions of other users on the Wi-Fi hotspot you're attached to.
Firesheep is a proof-of-concept Firefox extension created by Eric Butler to show how leaky the security many popular web sites (like Facebook, Flickr, Amazon.com, Dropbox, Evernote, and more) employ is. The problem, as Firesheep shockingly demonstrates, is that many web sites only encrypt your login. Once you are logged in they use an unsecured connection with a simple cookie check. Anyone from your IP address (that of the Wi-Fi hotspot) with that cookie can be you. When using Firesheep on a public hot spot any session it can intercept is displayed in the Firesheep pane with the user's name and photograph (when available). Simply click on their name to intercept the session and start browsing the website as though you are them.

What can you do to protect yourself against such a painfully easy attack against your privacy and security? You can set up an SSH SOCKS proxy to encrypt your traffic, effectively sending your site sessions and accompanying cookies through a sniff-proof tunnel. For a less involved alternative, however, you could use something like the previously mentioned HTTPS Everywhere Firefox extension or Force-TLS (highlighted by TechCrunch). Essentially, these extensions will force popular sites to send data via the more secure HTTPS protocol, which encrypts data as it's sent, and while it's slightly slower, it's definitely worth using HTTPS when available.

Firesheep is free, works wherever Firefox does, and requires a wireless card capable of operating in promiscuous mode.

Firesheep [Code Butler via TechCrunch]

via lifehacker.com

Posted via email from ://allthings-bare

bare_zero516

Posted via email from ://allthings-bare

bare_zero516

by Christopher Breen, Macworld.com Nov 10, 2011 10:00 am

The weekly Macworld Video returns! Starting this week, Macworld’s editors will provide a helpful video compatible not only with your web browser, but also your iOS device. In this specific video I show you how to use DVD Player to determine which is the correct main title to rip for the DVDs you own. Enjoy.

Download Macworld Video #157

• Format: MPEG-4/H.264

• Resolution: 480 x 272 (iPhone & iPod compatible)

• Size: 3 MB

• Length: 1 minute, 53 seconds

Show Notes

Similar Articles

Rip DVDs for your iPhone, iPod, and Mac

How to rip a DVD with HandBrake

Hack the iPod's Notes

Beyond HandBrake's defaults

A conversation with Siri

Macworld Video: Tricks for a manually managed iPod

DVD ripping FAQ

[Editor’s note: The MPAA and most media companies argue that you can’t legally copy or convert commercial DVDs for any reason. We (and others) think that, if you own a DVD, you should be able to override its copy protection to make a backup copy or to convert its content for viewing on other devices. Currently, the law isn’t entirely clear one way or the other. So our advice is: If you don’t own it, don’t do it. If you do own it, think before you rip.]

I discuss two utilities in this video. HandBrake and VLC. Go get ’em. DVD Player can be found in your Mac’s Applications folder.

To subscribe to the Macworld Video stream via iTunes, click here.

You can also see a complete archive of all our videos on Macworld’s YouTube channel. Subscribe to that channels and you will be notified whenever we post a new video.

Or just point your favorite podcast-savvy RSS reader to: http://feeds.macworld.com/macworld/video/

See more like this:

DVD ripping

Recommend? 0 YES 0 NO

0 Comments

Email

Print

via macworld.com

Posted via email from ://allthings-bare

bare_zero516

A man who created a bogus stock price tracker app for the iPhone that was in fact malware has been thrown out of Apple’s developer program. That would seem uncontroversial until you discover the app was designed to highlight a security flaw rather than cause damage or steal data.
Charlie Miller was told his right to create and upload apps had been terminated “effective immediately.”
If Miller’s name seems familiar, that may be because he’s a perennial winner at the PWN2OWN competition, held at the CanSecWest security event in Vancouver each year. Contestants can ask judges to visit a URL using various combinations of hardware, operating system and browser, with the latest publicly available security updates applied. Last year was a particularly bad day for Apple with a MacBook Pro running Safari the first computer to fall (Miller being the successful attacker) and the iPhone the first smartphone hacked.
According to Miller, his latest “attack” came after he spotted a security flaw in iOS. The flaw, unwittingly introduced in a recent iOS update, appeared to allow code to be added to an app after it had already been vetted by Apple and installed on devices.
To prove this was a genuine threat, Miller released an app named InstaStock in September. Using a post-approval update, he says he was in a position where he could have remotely downloaded contacts and pictures from phones running the app.
Miller says he reported the flaw to Apple in mid-October. He went public yesterday and was barred from the program a few hours later. He’s scheduled to unveil more details of the flaw at a security conference next week.
The BBC quotes one possible overenthusiastic analyst who calls the revelation the “the most significant threat yet to Apple’s app store economy.”
Meanwhile The Register has more details on the flaw, making the important point that it merely allows would-be attackers the same opportunities they’ve had on Android devices for some time.
(Image credit: Garret Gee)

via geeksaresexy.net

Posted via email from ://allthings-bare

bare_zero516

Hacking your Wii hasn't been difficult, but it has required a somewhat detailed process. Now we have LetterBomb, which is an incredibly simple way to hack your Wii. It only takes about five minutes to accomplish. Here's how to do it.

First things first, you're going to need the following:

A Nintendo Wii, obviously, but make sure it's running System Menu 4.3

An SD or SDHC card with some free space—it can have other stuff on it.

Step One: Get Your Wii's MAC Address

Before we can do anything, we need to go find your Wii's MAC Address. Go to your Wii's home screen and click the Wii Options button. Once it loads, choose Wii Settings. From there, navigate to the second page and click the Internet button. Finally, click the Console Information button and you'll have your Wii's MAC address. Either write this down or just leave it up on your screen.

Step Two: Generate the LetterBomb.zip File

Now get on your computer and go to please.hackmii.com and enter your Wii's MAC address. You'll also need to type in what you see in the captcha image. Once you've filled those things out, cut the red or the blue wire. It doesn't really matter. This will generate a LetterBomb.zip file that will start downloading.

Step Three: Prepare the SD Card

Now insert your SD or SDHC card into your computer, because we're going to need to copy some files onto it. First, unzip the LetterBomb.zip file on your computer. Next, drag the contents of the zip to your SD or SDHC card. When it's done copying, eject it, and put it in your Wii.

Step Four: Open the LetterBomb

Back on the Wii, head on over to the Wii Message Center. There's going to be a new message for you with a bomb in it, but where that message is going to be will depend on your time zone and when you generated the file. In most cases, it will be in yesterday's mail, but it could be today or a couple of days ago. You'll know when you see it. When you're ready to pull the trigger, just click on the LetterBomb message icon. The process will take about a minute, so be patient. You'll have a hacked Wii when it's done.

If you run into any issues along the way it's probably because you don't have the right version of the Wii System Menu. If you try to use LetterBomb with the wrong version, it'll freeze your Wii. Not to worry—just force-reboot your Wii, make sure you update properly, and try again. Obviously you want to do the update beforehand, but in the event you forget it's not really a big deal.

Step Five: Install BootMii and the Homebrew Channel

Once LetterBomb has done its thing, it'll tell you to press 1 to continue. Do that and you'll be able to use your WiiMote to start installing things. What you're really interested in is the Homebrew Channel, but BootMii will provide you with some extra features (like backup). Once everything is installed, you'll be all set.

Music by Comptroller

LetterBomb | Hack Mii
You can follow Adam Dachis, the author of this post, on Twitter, Google+, and Facebook. Twitter's the best way to contact him, too.

via lifehacker.com

Posted via email from ://allthings-bare

bare_zero516

Adam Dachis — We've shown you how to build a Hackintosh with enough power to rival a Mac Pro, but for those of you who want a still powerful Mac on a budget you can build a Hack Mini. We'll show you what you need to build it and walk you through the entire OS X installation.
Hackintoshing used to be a complicated process, but since Hackintosh expert tonymacx86 came around it's gotten a lot easier. While I've been hackintoshing netbooks for awhile, I always shied away from building a machine because I was concerned about stability issues. After seeing how well Pash's and Whitson's Hackintoshes ran, and seeing how slow my less-than-a-year-old iMac had become, I decided it was time to do it. I've had one week with the Hack Mini and so far it's actually more stable than my iMac. It's also twice as fast (according to benchmarks) and cost half as much (if you already have an extra monitor). The whole process was very easy and produced a better machine. While I had Whitson around to help me out, if you have some knowledge of how to build a computer this is likely something you can do. I am still surprised that the process was so easy and that the machine is so fast for so little money. Now it seems silly to ever buy a Mac desktop again.

What You'll Need

Full size
At the time of this writing, the parts necessary for this build came to a total of $599.65. There are certainly other, potentially cheaper components you could use to make your Hack Mini but we know this build works. It's heavily based upon TonyMac's CustoMac Mini build, using only a few parts that are a little different (but work all the same). We built this one ourselves, adding a few extras like an SSD (which is optional, to keep the build under $600), and it runs beautifully. Here's what you'll need:

Gigabyte GA-H55N-USB3 Motherboard $104.99

Intel Core i3 Processor i3-540 3.06GHz 4MB LGA1156 CPU $110.00

ZOTAC nVidia GeForce GT240 512 MB DDR3 DVI/HDMI PCI-Express Video Card $84.99

2x2GB Corsair PC3-10666 1333Mhz Dual Chanel 240-pin DDR3 Desktop RAM $43.99

Western Digital 1TB SATA III 7200 RPM 32MB Cache Desktop Hard Drive $59.99

SilverStone SG05BB-450 ALL Black Plastic/SECC Mini-ITX Computer Case with SFX 450W 80+ Bronze Certified/Single +12V rail Power Supply $119.99

Sony Optiarc 8X SATA DVD+/-RW Slim Drive $34.99

StarTech.com MCSATAADAP Micro SATA to SATA Adapter Cable with Power $11.71

Mac OS X 10.6 Snow Leopard $29.00

OPTIONAL: OCZ Agility 120GB SSD $199.99 (note: this is optional and not included in the total cost of the machine)

Note: If you're like me and don't need an optical drive, don't try to build this machine without one. You need an internal optical drive or you will not be able to complete the entire process.

Another note: The VGA port on your video card isn't going to work. DVI and HDMI will work just fine, but don't plug anything in to the VGA port or you will be disappointed.

Total cost: $599.65

Once you've got all the hardware in hand, you'll need to assemble your computer. Building a Hackintosh isn't any different than building a regular PC. You'll need to mount the motherboard to your case, install all the components listed above, and plug in all the necessary cables. If you're not sure of anything, read the manual for the motherboard. It's worth noting that the GA-H55N (the motherboard used in this build) uses some less-than-usual names when labeling everything, but you won't have any trouble figuring out what's what. If you're new(-ish) to the computer building process, have a look at our guide to building a computer from scratch.

Once you've finished putting it all together, turn on the machine and make sure you see your BIOS screen, which will include its firmware version (3, 4, or 5). Write down the firmware version now. You will need it later. If everything looks good, it's time to start hackintoshing.

Installing Mac OS X 10.6

Now we need to install OS X, which is where things get a little trickier and much more specific. Read these instructions carefully and follow them in the exact order they are written. If you do something out of order you may have to start again from scratch. With that in mind, here's what you're going to need for a successful installation:

A Mac OS X 10.6 Snow Leopard Install DVD (the same one you'd buy from Apple for a real Mac)

iBoot (which you get from tonymacx86, but you'll need to register for the forums in order to download it)

MultiBeast 3.1.0 or later (also from tonymacx86, and also requires forum registration for download)

Mac OS X 10.6.8 Combo Update (direct download from Apple)

Lnx2Mac's Realtek 81XX Installer (so your Ethernet card will work)

The relevant DSDT file for the GA-H55N motherboard

To get the DSDT file you need, go here and choose the following from the "Choose your Motherboard" drop-down menu:

Gigabyte

Socket 1156

H55

GA-H55N-USB3

From there you'll see options for F3, F4, and F5. These numbers correspond to the firmware versions on your motherboard. Assuming you did, indeed, write down the firmware version in your BIOS when you test-booted the machine earlier, you'll know which one of these options to pick. If not, test boot again and look for the firmware version on the BIOS boot screen. It's most likely F5, but don't guess. Guessing wrong means your Hackintosh will not work properly.

Prep Your Tools

First, take the iBoot.iso image you downloaded and burn it to a CD. It has to run on a CD. It will not work from a thumb drive. You can also burn a CD with MultiBeast, Lnx2Mac's Realtek driver installer, and the DSDT file you just downloaded, but I prefer to just toss all of these files on a Mac-friendly thumb drive.

Once all of that's ready, insert your iBoot CD and plug in your USB thumb drive (or external optical drive with the Snow Leopard install DVD inside). Also plug a USB keyboard into one of the frontside USB ports on your Hack Mini. (While the ports in the back should work during boot time they didn't for me, but there were no issues with the ones up front.) Next, turn on your Hack Mini and hold the delete key while it boots. This will let you edit your BIOS settings and select a boot order. Once the edit screen loads, follow these steps:

Choose "Advanced BIOS Settings."

If "Quick Boot" is enabled, disable it.

Set the "First Boot Device" to CDROM.

Set the "Second Boot Device" to Hard Disk. (The third can be set to whatever you want.)

If you have more than one hard drive installed, go up to "Hard Disk Boot Priority" and hit enter. Make certain that the hard disk you're going to use for Mac OS X is up at the top. If not, move it to the top by selecting it with the arrow keys and pressing the Page Up key until it gets there. Note: this is just for hard disks—your optical drive is still first on the list from the change you made earlier.

Press the escape key until you get to the main BIOS settings page (where you started).

Press F10 to save your changes. You'll be asked if you're sure you want to do this. Type Y if there isn't already a Y typed for you and press enter.

If you haven't already inserted your iBoot disc into your optical drive, now's that time to do it. Your Hack Mini should now (slowly) boot using iBoot and provide you with any startup discs it sees. What you'll need to do now is eject the iBoot disc, insert your Snow Leopard DVD, and boot from it (by selecting it, if necessary, and pressing enter). You should now see the grey Apple boot screen and, soon, the OS X installer.

Run the OS X installation just like you would on any other Mac. In order to do this, you may need to format your internal hard drive first. If you do, just open the Utilities menu and choose Disk Utility. You'll be able to format your hard drive (or SSD) from there.

Once the installer finishes it may say it failed to install OS X. This did not happen with me but it's a common quirk with Hackintosh installations. If it happens to you, don't panic—everything is just fine. Go ahead and restart your machine and leave your iBoot CD in the optical drive. When you boot this time, you'll have a new option: your hard drive. Boot from it and you'll be on your new OS X desktop in minutes.

Configure Your New Hack Mini

Full size
You've installed OS X just fine, but your machine still needs drivers to work properly and a bootloader to boot without the aid of a CD. To do that, you're going to need to install a few things and it needs to be done in a very specific order. If you stray from this order there's a good chance you'll run into problems, so follow these instructions carefully.
Note: It may look like things are missing here, as we're not checking any boxes to install bootloaders or graphics drives, but don't worry—MultiBeast will take care of it all for you.

Copy the DSDT file you downloaded to the desktop.

Open up MultiBeast and Lnx2Mac's Realtek driver installer but do not install anything

Open the Mac OS X 10.6.8 Combo Installer and run it. When it finishes, do not restart.

With MultiBeast open, choose check the following boxes:

UserDSDT Install

System Utilities

Drivers & Bootloaders -> Kexts & Enablers -> Audio -> Realtek ALC8xx -> ALC8xxHDA

Drivers & Bootloaders -> Kexts & Enablers -> Audio -> Realtek ALC8xx -> AppleHDA Rollback

Drivers & Bootloaders -> Kexts & Enablers -> Disk -> JMicron36x (AKA GSATA) -> JMicron36x SATA

Drivers & Bootloaders -> Kexts & Enablers -> Miscellaneous -> FakeSMC Plugins

Drivers & Bootloaders -> Kexts & Enablers -> Miscellaneous -> USB 3.0 - NEC/Renesas

Anything in the OSx86 Software category you want to install (but none of it is required)

Click the Install button on MultiBeast and wait for the installer to finish.

Install Lnx2Mac's Realtek 81XX driver (make sure you check the release version and not the debug version during installation).

Eject the iBoot CD and click the Restart button on your Mac OS X 10.6.8 Combo Update's installer window.

Make sure your sound and Ethernet are working. If not, you may have done something wrong and will need to run MultiBeast again to install those drivers. Once you've got all of that working, there's one last thing to do.

Re-run MultiBeast and select just one option: Customization -> Boot Options -> 64-Bit Apple Boot Screen. This will make your graphic's card run at full capacity, utilize OS X's 64-bit capabilities, and a bunch of other little nice enhancements as well. Once you've installed this option, reboot and you're done.

The only thing that won't work after a successful installation is HDMI audio, but there is a way to get this working. Tonymacx86 has posted a process to get functional HDMI audio on most Hackintoshes, including this one. Since it isn't vital we're not going to cover it here, but if HDMI audio is important to you then you will want to read those instructions.

Congratulations, you now have your very own Hack Mini!

The Future

The nice thing about putting together this Hack Mini right now is that you'll end up with OS X 10.6.8—likely the final update to Snow Leopard. This means that so long as you stick with Snow Leopard your machine will run fine. If you want to update to Lion in the future, keep an eye on tonymacx86.com for updates. We'll also be building a Lion-based machine later this Summer, so stay tuned.

You can follow Adam Dachis, the author of this post, on Twitter and Facebook. Twitter's the best way to contact him, too.

via lifehacker.com

Posted via email from ://allthings-bare

bare_zero516

Posted via email from ://allthings-bare

bare_zero516

Posted via email from ://allthings-bare

bare_zero516

Wireless is really convenient until you drop your connection or get really low speeds. Thanks to DD-WRT, it’s easier than ever to extend your home networks range with a few simple tweaks and a spare router.

DD-WRT is a fully feature-packed alternative firmware for your router. If you don’t know what it is or how to get it on your device, you should start off with Turn Your Home Router into a Super-Powered Router with DD-WRT.

Boosting Your Signal

Fire up your web browser and direct it to your router’s configuration page. Go to Wireless > Advanced Settings.

There are three settings of interest, the first being TX Power. This is the broadcasting power of your transmitting antenna. The default is a safe value of 70, but we can kick it up a bit. Most people report that jumping up to a 100 is safe. Pushing it higher can cause excessive heat which can damage your router. I don’t have to worry about that since my “server area” is cold and I’m also a bit reckless, so I kicked mine up to 150. It’s been that way for a few weeks and I haven’t had a problem yet, but your mileage may vary. Use your common sense and discretion.

Next up is the Afterburner setting. If your wireless router and adapters support Afterburner – also known as SpeedBooster, SuperSpeed, Turbo G, and G Plus (but not Super-G) – you can enable this to get a boost. Things may slow down if they don’t support it, though, so be sure to do your homework. B-only devices won’t see any problems and N-based devices shouldn’t be negatively affected, either.

Finally, we get to Bluetooth Coexistence Mode. If you use bluetooth a lot, then you may have noticed a drop in reliability or speed with both wireless and bluetooth devices. Turning this setting on should keep the two from interfering too badly with one another.

Use a Spare Device as a Repeater

Most of us have upgraded our networks with new routers over the years. If you have your old one lying around, why not throw DD-WRT on it? I had a spare Linksys wireless access point, but after putting alternate firmware on it, I had a full-blown router on my hands. We can put our spare device to work as a repeater, which can act as a range-extender for a new section of your house or yard.

Under Wireless > Basic Settings, change the mode to Repeater.

You’ll see two sections, Wireless Physical Interface (wl0), and Virtual Interfaces (wl0.1). The physical interface is going to be receiving the signal from your main router. Plug in the SSID, configure the network mode, and decide if you wanted it to be bridged (connected with the old network) or unbridged (isolated from it). Next, come up with a new SSID for your repeater. This way, you can choose which access point to use, depending on where you are.

Click on save, then go over to the Wireless Security page.

Enter the wireless security settings for your main router, then enter the details for your new repeater’s signal. Lastly, we need to make sure that your repeater is connected to your main router. To do that, go to Status > Wireless.

At the bottom of the page, you’ll see a button that says Site Survey. Click on it.

Find you main router’s wireless SSID and click Join. That’s it! Place your repeater on the other side of your house, but not so far that it doesn’t get a good signal. Then, you can connect to your new repeater and test it out.

Use Your Repeater as a Wireless Receiver

An added benefit of DD-WRT is that you can configure your repeater to act as a wireless receiver for a computer that doesn’t have one. Return to where you configured the repeating function, under Wireless > Basic Settings.

Change the mode to Repeater Bridge. Now, you can plug in a device into the router’s ethernet ports and it’ll act just like it’s wired into your main router. If you’re not using it then you should turn if off, as it can cut your bandwidth otherwise.

If you’re looking to speed up browsing, Removing Advertisements with Pixelserv and Find a Faster DNS Server with Namebench can both help your cause – with or without extended ranges – thanks to DD-WRT.

via howtogeek.com

Posted via email from ://allthings-bare

bare_zero516

Posted via email from ://allthings-bare

bare_zero516

We’ve already shown you how to mod your home router with the DD-WRT alternative firmware for greatly improved performance, and today we’re going to show you how to take it even further with the DD-WRT Mod-Kit.

If you haven’t already, be sure and check out the two previous articles in the series:

Turn Your Home Router Into a Super-Powered Router with DD-WRT

How to Boost Your Wi-Fi Network Signal and Increase Range with DD-WRT

Assuming you are familiar with those topics, keep reading. Keep in mind that this guide is a little more technical, and beginners should be careful when modding their router.

Overview

This guide will give a step by step rundown of how to create your own DD-WRT firmware with modifications and additions using the “firmware modification kit“.

The firmware modification kit enables one to make modifications to the firmware without compiling it from source. Making changes this way, with the aid of the provided scripts, becomes a simple matter of downloading, replacing and deleting some files.

The most predominant reason to use this method is because lately DD-WRT’s support for the Openwrt IPKG packages has shifted towards routers that have hard drives (via USB), which makes the mod-kit the only consistently working way of installing the IPKG packages successfully for cases where an HD is unavailable. In addition, this method has the added advantage of relieving you from the JFFS dependency for packages installation, which for routers with only 4MB of flash is a real problem.

Picture by publicenergy

Goals

While instructions for this procedure, are detailed on DD-WRT’s wiki and on the developer’s site, we aim to make this guide a copy & paste procedure that anyone can use to achieve the following goals:

Install the knockd package and its dependencies.

Install the ssmtp package with NVRAM based generated configurations.

Optionally with support for TLS smtp (a.k.a. Gmail support).

Once you have followed this procedure it should be relevantly simple to adapt it for other packages installations.

Warning: Tread lightly… keep in mind that incorrect usage of the modification kit, can leave you with a router that needs de-brick-ing (as in turn it into a useless brick). However if you’re a true geek you probably subscribe to the ideology that, he who can destroy a thing, controls a thing, and only true geeks do that

Prerequisites

Using this procedure can brick your router, as in make your router unusable, we take no responsibility for any damages that may be caused directly or other wise due to the use of the procedures below.

This procedure was performed on Debian based systems (Lenny, Squeeze and Mint) and the instructions below assume you are using one as well.

This procedure is only recommended for people who have experience with flashing their router with DD-WRT, with all the prerequisites,caveats and limitations that apply for their hardware setup. a good place to start would be our Turn Your Home Router Into a Super-Powered Router with DD-WRT guide.

Your router has to support at least the “mini” version of DD-WRT.

This procedure was created and tested on Linksys WRT54GS/L routers, if your using routers from other vendors, your mileage may very.

Setup

Installing required packages

The firmware modification kit has some dependencies for it to compile and work. In order to install/update them all at once Issue this command in a terminal:

sudo aptitude install gcc g++ binutils patch bzip2 flex bison make gettext unzip zlib1g-dev libc6 subversion

Download the mod-kit

Create a sub-folder, and get the kit from the official SVN:

mkdir firmware_mod_kit cd firmware_mod_kit svn checkout http://firmware-mod-kit.googlecode.com/svn/trunk/ firmware-mod-kit-read-only cd firmware-mod-kit-read-only/trunk/

Download a firmware to work on

The first thing to consider is which version you want to use?
A rule of thumb is: when in doubt use “mini”. This is because as long as your router supports at least the “mini” version, using it gives you all of the most commonly used features without any bloatware. thus leaving both space for the procedures and even some JFFS space for other usages in most cases.

Once you’ve decided on a version, it is recommended to use the latest revision of the firmware available, as they tend to have a lot of bug fixes compared to their “stable” counterparts.
At the time of this writing the latest was “03-17-11-r16454″ and this revision is used in the commands that follow.

wget http://www.dd-wrt.com/dd-wrtv2/downloads/others/eko/BrainSlayer-V24-preSP2/2011/03-17-11-r16454/broadcom/dd-wrt.v24_mini_generic.bin

In order to make it easier to keep track of what version we are using, rename the downloaded file to represent its version number:

mv dd-wrt.v24_mini_generic.bin dd-wrt.v24_mini_generic-03-17-11-r16454.bin

This is of course optional, but the commands below assume that you have renamed the file.

Extracting the firmware

In order to be able to change files within the firmware we need to extract its content into a temporary directory.
The syntax of this command is:
./extract_firmware.sh FIRMWARE_IMAGE WORKING_DIRECTORY
In our case, this would translate to:

./extract_firmware.sh dd-wrt.v24_mini_generic-03-17-11-r16454.bin ./working_dir_mini1

Note: The first time you run this command, it builds the mod-kit tools on your system. this happens only once and may take a little while… so be patient…

Installing packages

Now that the firmware is extracted we can install the packages to it.
In general, the procedure is to download the package and its dependencies in the form of an ipk file from the openWRT repository. Once downloaded install them into the extracted firmware using the provided script.

The knockd package

Detailed instructions on how to configure and use Knockd will be detailed in a future article, so you may opt to skip this step for now or do it in preparation for the future as Knockd doesn’t take a lot of space anyhow.

Knockd is a daemon that listens to communication events at the link layer for sequences then acts on them.
What this means, is that you can have the device running the daemon not even “listen” on the ports (a port scan will not see them as open) and still make it do something you need, from a single command all the way up to a full script. Using this technique you could trigger the server to perform any sort of operation you need of it remotely (across the internet) without exposing your home network.

Knockd has only one listed dependency, so download the package and its dependency by issuing:

wget http://downloads.openwrt.org/backports/rc5/knockd_0.5-1_mipsel.ipk wget http://downloads.openwrt.org/whiterussian/packages/libpcap_0.9.4-1_mipsel.ipk

Install the “knock daemon” (knockd) ipk into the firmware:

./ipkg_install.sh knockd_0.5-1_mipsel.ipk ./working_dir_mini1/

Install the “packet capture” (libpcap) ipk into the firmware:

./ipkg_install.sh libpcap_0.9.4-1_mipsel.ipk ./working_dir_mini1/

As “knockd” can be invoked with an alternate configuration file (how will be explained in a future article), there is no need to perform any other operation and you may skip to the firmware building section, if its all you wanted to install.

The SSMTP package

The SSMTP package enables your router to send Email messages just like we showed in our How To Setup Email Alerts on Linux Using Gmail or SMTP for servers. We promised you back then that we will show how to configure this for DD-WRT and we will now deliver.
This is mainly useful if your going to create scripts on the router that you would like to receive feedback on their operation via email.

This package’s setup is a bit more complex then it is on normal Linux systems because of the limitation imposed by an embedded system, so take a deep breath… ready?…. lets go…

Download the package:

wget http://downloads.openwrt.org/backports/rc5/ssmtp_2.61-1_mipsel.ipk

Install the “ssmtp” ipk into the firmware:

./ipkg_install.sh ssmtp_2.61-1_mipsel.ipk ./working_dir_mini1/

TLS support (Optional)
SSMTP doesn’t list any other packages as its dependencies, however if you want to be able to use an smtp gateway that requires TLS authentication (i.e. Gmail), you have to install the openSSL pakage as well.
Note: There is a HUGE drawback to doing this in the form of considerably reduced space on the router for JFFS later on. That is, the openSSL package takes about 500K of space from your total of 4MB (for a normal non “mega” supporting router), compound to that the JFFS overhead and you will discover that your left with, but a precious few, blocks of free JFFS space (about 60KB on WRT54GL).

As there are still non TLS requiring smtp servers out there (usually your ISP’s), i suggest taking a minute to think if you really need to use the TLS requiring gateway.

If you have decided to enable TLS support despite its disadvantage, download the openSSL package:

wget http://downloads.openwrt.org/whiterussian/packages/libopenssl_0.9.8d-1_mipsel.ipk

Install the “openSSL” (libopenssl) ipk into the firmware:

./ipkg_install.sh libopenssl_0.9.8d-1_mipsel.ipk ./working_dir_mini1/

Configurations
There is a limitation with the SSMTP package, that it is not possible to invoke it with an alternate configuration file.
Because the firmware is read-only when its on the router, that means that out of the box we can only hardcode the configuration into the firmware.
However, what if we don’t want to go through all of the firmware modification steps, just to change the Email settings? (for example a password change).

To that end, both Jeremy (the firmware mod-kit creator) and myself reached the conclusion (independently if i may humbly add) that the only sane way to do this would be to:

Make the configuration files location which the ssmtp package points to the read-only location under etc, point to the tmp directory which is writable to at runtime.

Create a script that would dynamically generate the configurations based off of NVRAM variables at startup.

To achieve that, some additional steps are required…

Symlink the ssmtp configuration directory
As explained above, we need to make the /etc/ssmtp location on the router, point to the /tmp directory as its the only writable place we have on the router at run time. To do this, delete the ssmtp directory that was created by the ipk installer:

rm -rf ./working_dir_mini1/rootfs/etc/ssmtp/

Create a new symbolic link that points the /etc/ssmtp on the router’s root file-system, to point to /tmp/etc/ssmtp as an absolute path:

ln -s /tmp/etc/ssmtp/ ./working_dir_mini1/rootfs/etc/ssmtp

Note: Even though this looks illogical right now, because we are pointing the package’s configuration directory to a location outside of the firmware modification kit’s working directory, I assure you that this looks totally fine from the routers point of view at run time.

An init script
While it is completely possible to not inject this script into the firmware and run it as a startup script later on, I feel its appropriate to put it here if only as an example for future use.
Originally Jeremy created the script tailored to someone’s request, later on, I adjusted and augmented it to be more compatible with DD-WRT and syslog reporting.

Create the new init (startup) script:

vi ./working_dir_mini1/rootfs/etc/init.d/S80ssmtp

Note: You may use another editor, I use vi because its consistent with what’s available on the router…
Make this its content:

#!/bin/sh # # title: ssmtp_nvram.sh # author: Jeremy Collake and Aviad Raviv # site: http://www.bitsum.com, http://howtogeek.com # # script to build config file from nvram vars. # will work for any config file that uses # var=value type pairs. # # uses prefixes for nvram variables. # # i.e. # ssmtp_hostname=something # translates to ssmtp.conf # hostname=something # logger_func() { logger -s -p local0.notice -t SSMTP_init $1 }

logger_func "###########Started the SSMTP init run###########" logger_func "Creating the etc directory in /tmp" [ ! -d /etc/ssmtp/ ] && mkdir -p /tmp/etc/ssmtp/ CONFIG_FILE=/etc/ssmtp/ssmtp.conf NVRAM_PREFIX=ssmtp_ PACKAGE_NAME=`echo $NVRAM_PREFIX | sed 's/_/ /'`

logger_func "Generating $CONFIG_FILE for package $PACKAGE_NAME" #echo $0: generating $CONFIG_FILE for package $PACKAGE_NAME echo "#!/bin/sh" > $CONFIG_FILE echo "#" >> $CONFIG_FILE echo "# auto generated based on nvram by $0" >> $CONFIG_FILE echo "#" >> $CONFIG_FILE

if [ -z "`nvram show | grep ssmtp`" ] then logger_func "It appears that you have not set the NVRAM variables required to generate the conf file" logger_func "**Consider** using these commands in you startup script:" logger_func "nvram set ssmtp_root=username@gmail.com" logger_func "nvram set ssmtp_mailhub=smtp.gmail.com:587" logger_func "nvram set ssmtp_hostname=username@gmail.com" logger_func "nvram set ssmtp_UseSTARTTLS=YES" logger_func "nvram set ssmtp_AuthUser=username" logger_func "nvram set ssmtp_AuthPass=password" logger_func "nvram set ssmtp_FromLineOverride=YES" logger_func "create the NVRAM variables and re-run the init script or reboot for the settings to take affect." exit 0 fi

########################################################### # # main loop # SED_COMMAND="s/$NVRAM_PREFIX/ /" CONFIG_VARS=`nvram show | grep $NVRAM_PREFIX | sed "$SED_COMMAND"` for i in $CONFIG_VARS; do echo $i >> $CONFIG_FILE done

########################################################### # # sanity check # if [ ! -f "$CONFIG_FILE" ]; then # echo "$0: ERROR - could not create $CONFIG_FILE. Perhaps there is no symink /etc/XXXX -> /tmp/etc/XXXX ?" logger_func "ERROR - could not create $CONFIG_FILE. Perhaps there is no symink /etc/XXXX -> /tmp/etc/XXXX ?" fi logger_func "###########Finished the SSMTP init run###########"

Make it executable:

chmod +x ./working_dir_mini1/rootfs/etc/init.d/S80ssmtp

Take note of the NVRAM waiting variables in the script, it is our responsibility to give them something to work with after we have installed our modified firmware on the router.

Build the modified Firmware

Now that everything is in place, it is time to re-package the modified firmware into a compressed binary that we can flash to the router.
The “build.sh” script syntax is:
./build_firmware.sh OUTPUT_DIR WORKING_DIRECTORY

To do this we use the supplied script, so issue:

./build_firmware.sh output_mini1 ./working_dir_mini1/

Once the “build” operation is done, there will be several firmware images waiting to be used in the “output” directory.

You may now flash the file called “custom_image_00001-generic.bin” to your router as you normally would a DD-WRT firmware.

Note: Don’t forget to restore to “factory defaults” before, during and right after the firmware flash.

Post flash steps

Because we made the SSMTP package look for NVRAM variables in order to generate the ssmtp configuration file, we now need to supply it with the missing information.
We will accomplish this by using the web-GUI “Run commands” function.

Go to the web-GUI -> “administration” -> “commands” -> paste in the text-box the following:

nvram set ssmtp_root=your-email@gmail.com nvram set ssmtp_mailhub=smtp.gmail.com:587 nvram set ssmtp_hostname=you-email@gmail.com nvram set ssmtp_UseSTARTTLS=YES nvram set ssmtp_AuthUser=your-gmail-user-name(without the @gmail.com) nvram set ssmtp_AuthPass=you-gmail-password nvram set ssmtp_FromLineOverride=YES nvram commit

Replace the text after the equal (=) sign, with your actual information, And then Hit “Run commands”.
Note: if your using a regular, non TLS using, smtp server the port to use is 25 instead of 587.

Now that the SSMTP information is ready for use, you will need to invoke the init script. So you can either reboot the router, Or paste this into the “commands” text-box:

/etc/init.d/S80ssmtp

Then hit “Run commands” again.
The output of this command should look like:

Test that you can send Email
Again paste this into the “commands” text-box the following command with your email address:

echo "testing crucible emailing 123 qwe" | ssmtp -vvv your@email.com

Then hit “Run commands” again.
Because we used the -vvv option for extra verbosity, the output of this command should look like:

If everything went well, you should be getting the test email within seconds.

We hope that you can use this information to push your home router’s limits even further then you thought possible and you now truly control your home router, and DD-WRT…

Linux extends life, Linux expands consciousness… Linux is vital for packet travel

via howtogeek.com

Posted via email from ://allthings-bare

bare_zero516

Wireless is everywhere and routers are the force that makes it happen, so why not supercharge yours to take proper advantage of it? DD-WRT will let you boost your router’s range, add features, and more.

DD-WRT has a ton of features—more than we can cover in this guide, which is focused on helping you get your router upgraded. Stay tuned, as we’ll go into more depth in a couple more days on all the great things you can do with it, but even if you don’t use the additional features, DD-WRT is worth installing to make your router work better.

What Is DD-WRT?

Here’s our router. Behold: the Netgear WNR2000, revision 2. It’s a mighty fine one, too, but it’s still not the best. Why, exactly? Your router is only as good as its firmware, the software that makes it tick. When you buy a router from Linksys/Cisco, Netgear, D-Link, or others, you’re bound to their software. It’s a nice arrangement; you respect their limitations, and they promise to help with your problems. But what if your warranty’s expired, or you want to shuck their limitations? Maybe you want to take your hardware and push it to its most extreme limits. That’s where DD-WRT steps in.

DD-WRT is an open-source alternative firmware for routers. Its software unlocks features that aren’t present on all routers: static routing, VPN, repeating functions, the list goes on. It also unlocks settings that aren’t accessible normally, like antenna power and overclocking.

Router Support

Turning your home router into an almost professional-level tool is a great project that has one major caveat: support. Not all routers are built or designed the same way. Even two of the same model can have different revision numbers with very different internal components. Because of this, the first step is doing plenty of research. It’s best to have a router that’s fully supported, so if you end up buying one, be sure to check the DD-WRT Supported Routers page first. Also make use of their Router Database, which will help you find particular instructions for your model and revision. Most devices have model and revision numbers on the back panel, and if there’s no revision number, it’s safe to assume that it’s 1.0.

For our purposes, the important spec to consider is NVROM, or ROM. This is where the firmware is kept, so even if your router has 16MB of RAM, it won’t work with a 4MB image of DD-WRT without at least that much ROM. Because of this, there are a few different versions of DD-WRT available at varying file sizes. Some are trimmed down to fit in smaller ROM configurations. Others are built with specific features in mind, like VPN, SD card support, or a Samba client. For more information, check out the File Versions table.

Preparation

The most important thing in any project is research. Do all of your homework for this one, because (here it comes):

DISCLAIMER: Changing your router’s firmware can result in unintentional consequences, such as “bricking.” It’s unlikely, and we’ve never had a device that couldn’t be fixed in some way, but it’s important to understand that it’s a very real possibility. Just to be clear: you assume all responsibility for anything you do; we’re not liable for anything that should go wrong.

As mentioned above, start with the Supported Devices page to see if you’ve got a DD-WRT-friendly router. If you don’t see anything specific, or even if you do, check into the Router Database. Here, you’ll find links to forum pages of those who’ve completed the process for specific models/revisions, as well as the setbacks and workarounds they’ve found. Most importantly, you’ll find links to compatible versions of firmware.

The friendly forum gave us some useful info for our particular model. Our router, the Netgear WNR2000 is revision 2, which means it’s compatible (revision 1 is not). It’s only got 4MB of ROM, so we had to stick to the mini version. We followed the download links and read up on what to do to complete the procedure in full detail.

Almost all sources unanimously recommend three specific things:

Do a hard reset on your router before you update. This usually requires a 30/30/30 procedure.

Hard wire your router when you update the firmware. NEVER over wireless.

Use Internet Explorer (or Safari) unless specifically stated that other browsers are okay.

There’s a ton of reasons which the documentation will reveal to you, but the first two are written in stone, and the last has held true for almost any router, and it won’t hurt either.

Most routers have a pinhole on their back with you need to push and hold to perform a hard reset. The 30/30/30 procedure is primarily directed for devices with DD-WRT already on them, but it’s also required for some other models and won’t hurt to do anyway. It deletes the Non-Volatile RAM. From the DD-WRT website, the procedure is as follows:

With the unit powered on, press and hold the reset button on back of unit for 30 seconds

Without releasing the reset button, unplug the unit and hold reset for another 30 seconds

Plug the unit back in STILL holding the reset button a final 30 seconds (please note that this step can put Asus devices into recovery mode…see note below!) [Note]

This procedure should be done BEFORE and AFTER every firmware upgrade/downgrade.

Do not use configuration restore if you change firmware builds (different svn build numbers).

The Process

Hard reset, as outlined above, or per the instructions for your specific router.

So after our hard reset, we waited for the lights to return to normal, and we hard-wired the router to our laptop. During this phase, we turned off the wireless connection so that just the wired connection to our WRN2000 was active. This prevents any mishaps and makes it simple to connect to the web-interface through the defaults.

Next, fire up Internet Explorer and go to your router’s default page, and log in.

Use the default username and password, usually printed on your device’s back panel or easily found on the internet.

Click on the Router Upgrade link.

Browse to the correct image and click Upload, and wait patiently. Very patiently. You’ll see the loading screen tell you to wait while the router reboots, and you’ll see the lights flash on and off for a while. Wait about five minutes, and err on the longer side. When you’re ready, log in to your router. DD-WRT’s IP address is 192.168.1.1, the username is ‘root’, and the password is ‘admin’.

You’ll be greeted with your brand new interface.

If things didn’t work out, you may have had a “bad” flash. Your router may be bricked, but odds are you can recover from it in some fashion. The first place to check out is How to Recover From a Bad Flash, and the second is the DD-WRT Forum. As long as your do your homework and be precise with the instructions, you’ll be fine.