Increase wifi power on Linux

Is your wireless card stuck at 20dbm? This trick will increase the output power and allow you to use the full potential of your card. Using this I can see around 10 extra wireless networks and a bunch more clients! Perfect for wireless injection.

1. Enter into the root user account

sudo -i

2. Install the tools needed to compile on your OS.

apt-get -y install pkg-config libgcrypt11-dev python-m2crypto libnl1 libnl-dev iw ethtool

apt-get -y install libnl-3-dev libnl-xfrm-3-dev libnl-cli-3-dev libnl-genl-3-200 libnl-genl-3-dev libnl-idiag-3-dev libppx-tools-ocaml-dev

If you get errors about packages not being available, remove them from the first command, re-run it, then run the 2nd command. This is because some newer Debian based OS’s use a newer version of libnl.

3. Run the following commands to download and extract regdb.

cd ~
mkdir custom-rdb && cd custom-rdb
wget https://linuxthefish.net/wireless-regdb-2011.04.28.tar.bz2
tar -xvjf wireless-regdb-2011.04.28.tar.bz2
cd wireless-regdb-2011.04.28

4. You now need to edit the file db.txt to modify the power settings. Don’t worry about setting the power too high, most cards will regulate the actual maximum power. Just for safety, don’t go over 35.

To find out the country code your wireless card is current set to, run “iw reg get | grep country“. On my system, the country code shows as “country GB”.

Open the file reg.db using your favourite editor:

nano db.txt

Find the country code you are current using using CTRL + W, type your country code and press enter.

5. Edit the 2nd number (20 in this case), and remove any comments (,DFS in this case).

It should look something like this:

6. Now save the file (CTRL + O, press ENTER), and quit your text editor (CTRL + X).

7. Run the following commands to compile the wireless registration database:

make
make install

8. Copy the wireless registration database to where CRDA lives:

rm -rf /usr/lib/crda/regulatory.bin
cp regulatory.bin /usr/lib/crda/

9. Download and extract CRDA:

cd ~/custom-rdb
wget https://linuxthefish.net/crda-1.1.2.tar.bz2
tar -xvjf crda-1.1.2.tar.bz2
cd crda-1.1.2

10. Copy the wireless registration keys to where you are going to compile CRDA:

cp ~/custom-rdb/wireless-regdb-2011.04.28/*.key.pub.pem pubkeys

11. Compile and install CRDA, make sure you investigate any errors at this stage. If you get errors about not being able to find the libnl, install the development package for libnl on your system!

make
make install

If you get the error “/usr/bin/ld: cannot find -lnl-genl”, run “wget https://linuxthefish.net/crda-makefile -O Makefile” first.

12. Reboot your system, and enjoy better wifi signal! This might require an external antenna, so please make sure you are using a USB wireless card if possible.

If, after following the above steps, your wireless card still shows it’s original power levels in “iwconfig”, then unfortunately the txpower can’t be modified.

Installing aircrack-ng on Raspberry Pi, Banana Pi, Orange Pi and most other ARM boards

Installing aircrack is actually very simple, and can be done in a few commands!

First, install the needed libraries, programs and development files:

apt-get -y install iw libnl-3* libssl-dev gcc

Next download aircrack, extract it and start compiling:

wget http://download.aircrack-ng.org/aircrack-ng-1.2-rc2.tar.gz
tar -xsf aircrack-ng-1.2-rc2.tar.gz
cd aircrack-ng-1.2-rc2
make

Finally, “install” the program to make it easier to run:

make install

After this has completed, be sure to test all the installed tools to make sure they are functioning.

Improving the FPS of streaming video in Motion

Motion is a great software for streaming USB webcam, video capture or network camera input to Motion JPEG Video (MJPG). However when using this software on my Raspberry PI to monitor water level on an industrial plant I have found the video to stutter and slow down a lot when there was lots of action happening in the picture or something was moving.

The way Motion works is by capturing snapshots from the camera at every frame per second, and saving them to the working directory defined in the config. By default this directory is in /tmp/motion, however this quickly filled up my Raspberry Pi disk and slowed down the video feed due to the increased disk access times. Motion also fails to delete files from this directory whenever the feed slows down – it can’t keep up!

To resolve this we must move the working directory to a RAM disk, I used a 256MB RAM disk using tmpfs.

1. Open the file /etc/fstab, and add the following line. This can be done using nano, for example “sudo nano /etc/fstab”, paste the following line and press CTRL + X, then Y to save and close.

tmpfs   /motion    tmpfs    defaults,noatime,nosuid,mode=0755,size=256m    0 0

In the end your /etc/fstab file should look something like this:

2. Create the directory to mount this using the following command:

mkdir /motion

3. Mount this directory from fstab:

mount /motion
chown motion:motion /motion/

4. Open the configuration file for motion (nano /etc/motion/motion.conf), find the line target_dir (CTRL + W, target_dir), and change it to the following:

target_dir /motion

Your file should look something like this:

If needed, save and exit with Nano using CTRL + X, then press Y.

5. You should now be able to restart Motion with the command “service motion restart”, and enjoy faster FPS!

How to disable remote access on TP Link wireless routers

Surprisingly many TP Link routers allow remote access from all IP’s, with the username and password “admin”. Turning this off is simple!

1. To find out if you are effected by this, click on the link in https://linuxthefish.net/ipcheck.php. If you can see a TP-LINK login box, you are effected by this.

2. Login with the username “admin”, and the password “admin”. Once you have done this, select System Tools, then Password.

Enter “admin” into the old username and password fields, then enter a SECURE username and password into the 3 boxes titled “New User Name”, “New Password” and “Confirm New Password”. Once you have done this, click Save.

3. Click Security, then Remote Management. From here, change the “Remote Management IP Address Box” to 0.0.0.0

4. Click Save, then Reboot if prompted. Once rebooted, click the link in https://linuxthefish.net/ipcheck.php. If you can’t reach the page, then your router is now secure.

Leaving router access open to the world should NOT be done, as it can be used for malicious purposes – most routers are miniature Linux PC’s, and support running custom programs!

My thoughts on DigitalOcean in 2015

What is a “cloud”?

One of the latest trends in hosting at the moment seems to be the word “cloud”. The cloud is a rather loose term, and many different people seem to have different ideas of what a true cloud should be. In my opinion, cloud hosting should be fully redundant, high availability hosting with a true fail over system, allowing your application or website to instantly come back online after any disruption, even if affects half a country. Others may think of the cloud as a system where they can instantly scale their server up or down, or dynamically change any of the resources so they can scale their application to fit 10 or 10,000 users. I think that the cloud could be useful for scaling your application up and down as needed, but I don’t think DO’s scaling system is the best way to achieve this, as scaling back down can be a bit of a hassle.

From what I understand, DigitalOcean, or DO for short is not what I would define as cloud, however it does allow people to instantly scale their servers and application from one server to many. In my opinion, cloud hosting with scaling capabilities does not work well with KVM due to the disk resizing issues, and something like OpenVZ or even xenserver, where you can scale a server without even having to restart would be much better suited.

Going back to my definition of what cloud hosting is, there are not many true cloud hosts at under $7 a month, sometimes known as “low end” hosting. One such example of a true cloud provider at lowend pricing would have to be iwstack, who are great. They store a copy of your server in more than one place, and advertise automatic healing as well as a decent private network and virtual routers, all of which are immensely useful to someone who thinks of the cloud like I do.

My thoughts on DO

I have only used DigitalOcean for around 3 months now feel that I have had enough experience of what they are to offer my review. Overall I have had no major issues with their control panel, support or API, apart from one issue with their auto null route system.

I have been using their servers in the London location, which is a new location and thus most likely underutilised compared to somewhere like NYC or even Singapore. The virtual servers, or Droplets as they are called come with 512MB ram, 1 CPU core, 20GB of SSD space and 1TB bandwidth allowance on a gigabit port. On my test server I am able to use the full port speed without any issues, and they do not have any system to detect bandwidth overages – hence making the service unlimited! I have also run a Tor relay from a DO server using over 30TB per month without getting charged any extra on the 512mb, at least so far…

The 20GB of SSD disk space provided with your server is local SSD storage, in what I think is RAID6. Running a “dd” speed test gets around 200 MB/s in London 1, and around 120 MB/s in more utilised locations such as NYC 2. This is nowhere close to the SSD speeds on RamNode in RAID10, which is somewhere around 1 GB/s but is bloody good for the price you pay!

As a host mainly designed for developers, DO does a great job. You can make full snapshots of your server, which are free as of now but will be charged for at some point in the future – the same I think for bandwidth. I do not think using DO as a host in a production environment would be a good idea, mostly because of the lack of a high availability system such as automatic failover.

There is also no way in hell you can spin up a server in 55 seconds, and it takes well over 80 seconds in the last 4 I have spun up. This is by no means slow, and many provides who have manual activation can take up to a few days to get everything set up (I’m looking at you goodhosting!).

Pricing at DigitalOcean

DigitalOcean charges $5 a month for their 512MB plan, however this is quite expensive in the lowend market. You can now get similar specs for around $15 a year from someone like Crissic, or HostUS for much cheaper, there are even deals on lowendtalk.com for OpenVZ VPS’s with 4gb ram for $6 a month!

However, this is a full KVM VPS, and hopefully won’t be too oversold on ram or disk space – so you know you are getting guaranteed performance unlike with similar hosts that use OpenVZ where you might have other abusive users on the same node doing some high I/O operations or using all the CPU on the host node. KVM is a little more isolated in this sense, and thus might be a better platform for a proper production server, even though I am not a big fan of using anything shared for production.

DigitalOcean’s Support

In my account I have two support tickets, one is for an incoming DDoS attack and the other is one opened by me to increase my droplet limit. The first ticket about increasing my droplet limit was opened by me, and I got a reply from their support in two minutes – even if it was a predefined reply with them asking for my name, location, phone number, new droplet limit and why I needed more droplets. After I had replied to them with my updated information, it took them around an hour to verify my account and increase my limit.

My second support ticket was a little more concerning, as for some reason they called my droplet Mario! They claimed I had experienced a DDoS attack on my Droplet – however this was just me running a speed test using iperf. Once I explained this to DO, they replied to the ticket and removed the nullroute in around an hour and appologised for the false positive.

Uptime

Two of my three servers with DigitalOcean have 100% uptime in UptimeRobot, and the other has 99.8% due to the nullroute as explained above. I have personally not seen any network dropouts, and I’m even using one of my droplets in London to host an IRC network – that’s how stable it is!

Conculsion

In conclusion, DigitalOcean is a solid host that I would not think twice about in using for development or even light production use. They are not suited for game server hosting due to the lack of a DDoS protection add on like what BuyVM and RamNod have, but their support do recommend cloudflare for use with websites. I will continue to use DO with my three droplets for the foreseeable future. For game server hosting in the UK that is subject to the occasional DDoS attack I will be sure to use a VPS provide in the UK that hosts with RapidSwitch, as their suto null route system is much better.

If you wish to sign up with DigitalOcean yourself, please use my refferal link to get $10 free credit, or sign up directly at https://digitalocean.com