Monday, 22 September 2014

Arrivals weekend

This weekend we had our annual intake of new students. As usual we spent the weekend providing support to the new newbies to enable them to get on the network, use wireless and sort out their passwords. We also spent the weekend catching up with those last minute jobs that need doing before term starts.

A wet first day


The first day was a wet one, in more ways than one. The rain was making an appearance as the first group of new students started to arrive and then we had a flood in one of our student accommodation buildings.

Wet cables

The water had made it's way into the plant room and all our kit had to be shut off in this area. Also, rather annoyingly, whoever installed the CCTV kit moved one of our IEC leads into a power strip at the bottom of the cab that they had installed (ours are halfway up to avoid such incidents) and this was submerged in water before it was all pumped away. As a lot of the ethernet cables come from the bottom of the cab, rather than the top, most of these will need to be replaced too.

As well as the student faults I had a post-installation wireless survey of the new Journalism and Economics building to carry out, that I managed early Saturday before many students had arrived. Also there were approximately 28 access points to set up in languages and another 77 to configure in Computer Science, Research and Information Studies.

I didn't get that many set up however as I was still looking at faulty wireless access points at around 5-6pm on Sunday.

One wouldn't download the image and another didn't want to boot until it had a console cable plugged in (?)

We also had to do a bodge job (yuck! - on orders from above) as a resident was asking for compensation due to a job to install properly being held up with Estates.

Couldn't connect to wireless from their room with antenna in or on the cab, no sockets or cables to use and couldn't do any drilling so a temporary fix...tape, lots and lots of tape

Needless to say it was a busy old weekend (which the tax man will appreciate).

Just want to make it through registration this week with enough time to sort out the teaching spaces and then pack all the registration kit away on Saturday for another year.

Friday, 19 September 2014

Intro To Spectrum Analysers

I've not had time to get to grips with or go through the training on how to use it but, after taking the Spectrum XT home the other day, I certainly found it useful and our team boss asked me to write a little about it.


At home my WiFi kept dropping out. It worked fine on 5GHz but unfortunately Playstations, Chromecasts and my tablet are all only capable of using the 2.4GHz frequency. I had the Wifi Anayzer app (https://play.google.com/store/apps/details?id=com.farproc.wifi.analyzer&hl=en_GB) on my phone and according to that I had a few neighbours on channel 11 and a handful on 6 (with a few in between), so channel 1 for my network seemed perfect. My signal strength seemed strong but first my tablet and then after a while my TV kept disconnecting and struggling to maintain a connection.



We recently purchased the Spectrum XT (http://www.flukenetworks.com/enterprise-network/wireless-network/airmagnet-spectrum-xt) to help with such mysteries and I borrowed it see what it could find.



I found 2 access points on channel 11 and half a dozen on 6 that the adapter could see. It also straight away solved my channel 1 problem.




As you can see in the first picture the duty cycle on channel 1 (as well as 2 and 3) is 100% and is due to a wireless security camera someone nearby has installed that is transmitting all the time. A waste of time using any of these channels then as my access point will stop beaconing and my devices attempting to associate with a duty cycle that high.

Just as I was about to put the laptop away (and move my wireless to channel 6, the least congested) my neighbour must have turned their microwave on, as you can see from the spectrogram in the second picture it caused a fair bit of noise around channel 7 and the ones around it. No wonder all my neighbours are using channel 11.The duty cycle is not high though because the microwave is not close (if it was mine it could be around 50-60%) and they do not continually transmit. If I turned mine on and tried to use the same channel it would probably halve my throughput but would/should still work.


So they mystery of the dropping out connection is solved and, in this case, the best thing is to have multiple access points on the same channel.

Roll on the time when we have 5GHz in every device!

Monday, 18 August 2014

Friday afternoons

There seems to be a rule with a number of users that states 'when you need something doing by the end of the week, don't tell IT until Friday afternoon'. This rule was certainly in full force this last Friday.

We received an email around 2.15pm asking for a large number of sockets to be made live for staff to move in that afternoon.

Apart from the fact that there was only 2 hours of the working day left and we had plenty of other jobs we were currently on with (including clearing), and that we ask for 5 days notice of moves, there were a number of other reasons IT should have been involved earlier:
  • The sockets were cabled back to an area where we have no services
  • Providing services would require a data switch to be purchased and installed (approx cost £2000)
  • We would need access to be provided from an outside estates department
  • We would require a fibre connection from the hub room to said area
  • We would need to borrow fibre from the people who manage this buildings IT as, as mentioned, we don't have any services here
  • The hub switch has no fibre capacity left
  • Providing services would require a new stack on the hub (approx cost £3000)
If we had been involved before the event we could have, either, instructed the contractors to cable back to an area where we did have services and capacity, or purchased and set up the required kit ahead of time so that everything would be ready to go in time for the move.

As it stands they will have to live without any form of connectivity until the above issues are addressed.

People! Please talk to your IT team. Don't just do stuff off your own back.

Thursday, 3 July 2014

Next version of android improves WiFi connectivity information

A great new feature of android 'L' looks to be the ability to see the link speed and frequency at which you are connected to wireless. I have seen the HTC One M8 has the ability to choose which frequency you connect using, but from a troubleshooting point of view having this information built into android is a big plus.

Picture from androidpolice.com

Wednesday, 25 June 2014

Temporary Wireless Installation

We were asked, rather last minute, if we could provide wireless coverage for a manufacturing conference. One of the stipulations was that they didn't want to spend any money(!). What we expected to be a job that took a few hours though naturally ran into nearly a full week.

Day 1

We found where they were erecting the venue, worryingly, on a patch of wasteland. Not only was half the marquee not yet erected, there was also no power.


The nearest building was all brick walls and fire exits. No windows or doors that we could use to run services our of temporarily. We found access to the roof, but then had the problem of no data connections nearby.


We thought about using a point-to-point solution but there was nowhere flat or secure at the 'tent' where we could put the remote end.

We eventually found a plant room with data we could use, but this was well over the 90 meters cable length we specify, and probably another 90 meters to the cab. We therefore decided to put some active kit in the plant room and another switch, this time PoE, at the conference end. 

Back at the office (as the generator was not yet on site) we put ends on the cable at around 190 meters and tested it running four wireless access points. Not ideal, but all worked, even if only at 100Mb rather than 1Gb.

Day 2

Department meeting in the morning so only a bit of time in the afternoon to get set up. Spent the afternoon running cables around to the positions we would like the access points.


The generator was not working so couldn't test everything on site.

Day 3

Hooray! The generator is working. We finished running the cables out, as we now have beams where we would like all the access points, and tie-wrapped the access points to the beams.


We deployed four Cisco 1142 access points (2 per tent) and checked for full coverage. We have two SSID's, one for staff and one for guests. As we used a little less than the 190 meters we tested in the office we actually got a gigabit connection.

We did carry out some proper tests, but I also took the quick screenshot on my phone below.



Day 4

An early start to run the cable out and find some tubing and boards so nobody tripped over it (we didn't have a pickaxe to dig a trench and the ground was too hard for the hammer).

Thankfully no problems with any of the kit, and soon after we were set up we saw upwards of 80 users connecting.


At this point we left them to it to get back to the day to day jobs. Informing the staff on site about passwords and locations. 

Day 5

Clean up and pack away.

I wonder if people realise how much work goes into these things?


Wednesday, 4 June 2014

Wireless & lamp posts

We have been looking at alternative solutions to digging up the roads to install fibre in order to get services to properties belonging to the University that may not have had connectivity before. In particular there are a number of University-owned houses that would like access to the eduroam wireless service.

It is particularly difficult (and expensive) for us to dig up nearby roads as we are situated next to a number of hospitals and, therefore, important emergency routes.

One solution we went to have a look at yesterday was an outdoor wireless mesh network that made use of the power available from existing street lights.


As you can see it was a rather grey day, but atop the lamp post is a point to point wireless link back to campus and using PoE off that is a Motorola outdoor access point with one 802.11a radio antenna connected to a mesh of other AP's as well as an 802.11b/g/n radio antenna providing wireless access to the houses nearby.

The basic idea is:


If the council aren't amenable to having us install on street lights (as an alternative to digging up the road) we already have a CCTV pole there that we could make use of and install the mesh AP's on the chimneys instead. All we would have to do is get power up to the chimney stacks.

There is a huge cost saving not having to install fibre, data cabinets, cabling and building level switches and access points in every, or almost all, of the 46 properties.

It is a solution we haven't really thought much about before, although we have used a few point to point links previously and still having one in use. The numbers of access points in the mesh would depend on the results of the pre-installation survey and, at least if we do install them on chimneys, we have more locations to choose from.

Tuesday, 3 June 2014

iOS 8 - android? is that you?

It was Apple's WWDC yesterday, and instead of watching it I decided to do something else and check the announcements on Twitter. What seemed to me to be coming out of the presentations was a list of features previously available on android.


So what were the new features of iOS 8?

  • Third party keyboards - Swype et al have been on android for years
  • Predictive keyboard - So it will now be like most android keyboards
  • Widgets - Was there ever a version of android that didn't have widgets?
  • Actionable notifications - android 4.3
  • Cloud drive - Google Drive...but Google gives you 15GB for free, not 5GB
  • Family sharing - android tablets have multi-user support and music can be shared for limited listens
  • Share and copy between apps (such as a web link to an email) - On android since the beginning
  • Choose which apps to use following certain functions (for example using Google Maps instead of Apple Maps when tapping on an address) - android did it?
  • Health apps and integration with fitness tracking devices - Hello Samsung Galaxy & Gear Fit
  • Homekit (integration with smart home products) - Like Nest, that Google has been selling
  • Photos with auto- backup - Identical to Google+ photos, apart from Google gives you unlimited storage
  • iMessage improvements - Basically it is now includes Snapchat/WhatsApp functionality
  • You can now launch Siri by saying "Hey Siri" - "OK Google"
  • Siri can listen to TV and movies and integrate with Shazam - So Google Now then?
  • Watch videos of apps before you download them - Already available on the Google Play store
I don't intend to start arguments, it just looked to me that the major features the Apple fan-boys on Twitter were going mad for were imitations of what Google have already been doing...despite some cheap shots at android during the day.

Apple will do things in their own way and ideas will be built upon and developed by both companies.

I suppose imitation is said to be the sincerest form of flattery.

Friday, 30 May 2014

Antivirus: The balance between privacy and security

I read an article the other day which showed antivirus software in a whole new light. At Makeuseof they had picked up on a report by AV-comparatives that analysed what data was being transmitted by a host of antivrus products.

I have been using a wide variety of security products over the years and this year I was so impressed with the latest free version of Avast I very nearly purchased the paid for version. I am now having second thoughts though as I have read the report linked above that, worryingly, found a number of popular products send the following information and files to the company (either encrypted or unencrypted, it is not clear):

  • The computer name
  • The Windows username
  • The local IP address
  • Information about third party applications
  • Information about running processes
  • Operating System event logs
  • A list of all visited URL's
  • The name and path of files
  • Documents that may be classified as suspicious

I don't understand why, if the product sends a unique identifier for the user and machine on which it is installed, things like Windows username and computer name are required.

I have highlighted documents in the list as this is potentially the one most troublesome. It is entirely possible your sensitive documents could end up stored somewhere in EU/Russia/Korea/USA just because your antivirus product classified it a certain way.

There is a longer list of what information is sent, but some of this information, such as version numbers and operating systems, is obviously essential for updates and so forth.


I urge you to check out the report, and also the MakeUseOf article, which both have good summaries of the findings. I mentioned Avast, which is by no means the worst, and another of my favourite free tools, Avira, seems to come out of it fairly well. I have just checked out the Avira privacy policy and it states "Avira sends suspicious programs only (executable files) to our secure German data centers. Avira does not send any personal data. Files such as pdf, doc, xls as well other personal data, like pictures and videos are not being automatically sent.".

AhnLab and Emisoft are two paid for products that won't send URL's or documents over the internet.

Making the choice between which product to use/buy should not have to be a choice that involves how much privacy you are willing to give-up, but rather how good it is at keeping you secure. At the moment though it seems to be both.