In our continuing series of Geek Celebrity Access Points (see here and here), we are proud to present the king himself, “Weird Al” Yankovic!

Aruba Network’s new remote office access point, the RAP-2WG, allows an enterprise to securely extend the corporate wireless network to remote offices.  While REAP technology is nothing new, the price point on the RAP-2WG certainly is.  List price is only $99, and the street price brings its price in line with that of a Linksys WRT54GL.  The unit is extremely small, too:  about the size of a deck of cards.

How does it work?

The RAP-2WG’s E0 port is connected to the internet connection at the remote or home office.  The unit establishes an IPSEC tunnel (using your choice of 3DES or AES) back to the Aruba controller at the main office.  Once connected, the controller extends the corporate wireless — including all security policies — to the remote unit.  You can also configure the second wired port in any way imaginable – from 802.1x port security, to a vlan bridge, even as an 802.1q trunk.   You can also apply an ACL and run the RAP-2WP in split tunnel mode so that client internet traffic doesn’t cross the tunnel.

Enough marketing, how well does it really work?

I tested an Aruba RAP-2WG as follows:

- Aruba OS 5.0.0.1
- 6000 Controller Cluster.  The cluster was in regular production mode during this test.
- 100 Mb internet connection
- RedHat 5 running vsftpd – Server
- Ubuntu 10.04 – Client
- Dell D620 with an Intel 4965AGN wifi card

The Test Procedure:

After configuring the RAP-2WG to connect back to the mothership, I connected it to a high-speed remote network.  To test the unit’s throughput, I created a file containing 20Mb of random data (testfile.tar.gz);  this file would then be transferred via FTP to the client machine.

This technique generally works pretty well, the whole way up to 1Gb/s if you follow these two simple rules:
1)  Ignore the results of the first test.   The first time you download the file, the server has to read it from disk.  Subsequent requests (within a few minutes, at least) will come from the server’s disk cache and be significantly faster.

2) Don’t actually write the file to disk on the client machine, otherwise you’ll just be testing the hard drive speed.  The best way to do this is to use wget under Linux.  The syntax I prefer is:

# wget -O /dev/null ftp://your-ftp-server.pskl.us/testfile.tar.gz

This will simply dump the data to /dev/null as it comes in.  When wget completes, it will give you the average transfer rate in BYTES per second — don’t forget to multiply by 8.

Step 1:  Baseline Test

To determine the maximum speed at this site, the client machine was connected directly to the local internet connection using the system’s wired ethernet port.  The test file was then transferred ten times and the average bit rate computed.

Average Transfer Rate, No Crypto:  84.64 Mb/s

Step 2:  IPSEC AES128, using the Wired port

The test system was then connected to the RAP-2WG’s E1 port.  The test file was then transferred ten times and the average bit rate computed.

Average Transfer Rate, IPSEC 128, Wired Port:  2.73  Mb/s

Step 3:  IPSEC AES128, Wireless 802.1X PEAP

The test system was then connected wirelessly to the RAP-2WG.  The system established a solid connection at 54Mb/s using PEAP/MSCHAP/AES auth/crypto.  The test file was then transferred ten times and the average bit rate computed.

Average Transfer Rate, IPSEC 128, Wireless PEAP:  1.821 Mb/s

Conclusion

The RAP-2WG works as promised.  The rated IPSEC throughput of the unit is 2Mb/s, which agrees with my findings.  The slightly slower throughput over wireless is due to a combination of effects, but most likely a result of the double-encryption (PEAP wifi plus the IPSEC tunnel) that the unit has to handle.  The RAP-2WG is inexpensive enough that it can be deployed as a robust VPN solution for staff working from home.  You could actually buy RAP-2WGs and hand them out to your staff for about the same cost as buying Cisco VPN licenses for your existing ASA.  Yes, that ’s right. A robust hardware solution for the same price as the competition’s software license.

Aruba, you guys rock.

Those of us at PSKL who enjoy a good first person shooter have been having mixed feelings about the games currently on the market. Let me preface this by saying we’re not new to FPS games. Our love for them dates back to the DOOM/Castle Wolfenstein days, but really took off around the time Unreal Tournament hit the shelves. Since then we’ve tried just about every one of them to hit the pc market (don’t even bring up consoles), most recently with Call of Duty: Modern Warfare 2.

While MW2 is entertaining, it’s lacking. It’s lacking a lot. The single player compaign, while good, is very short. Normally the quality of the single player campaign is in direct relation to the pure awesomness of the multiplayer. The shorter and more unforgetable the single player game, the better the multiplayer is. Usually. Not so in this case. Their matchmaking system is complete garbage. The amount of cheating that goes on in that game is something that’s so blatant and unprecedented that I’ve been speechless numerous times at the amount of cheaters per game. It seems to take their VAC system days to ban players who cheat and even then getting back into the system takes nothing more then 20 dollars on a forum to get a new cd key and signing up for another free Steam account. There have been lots of problems with their P2P game hosting setup where you wait for the 60 second timer to count down the start of a new game only to be kicked from the game for some unknown error or you end up playing a game on a machine that’s apparently on a dial-up connection. All of this leads to an amount of frustration that makes the game more of a job then fun.

Enter Battlefield: Bad Company 2. I’ve been an avid fan of the Battlefield series since the very beginning. I’m not a huge fan of playing games based on military history like Vietnam or World War II. That’s not to say I think the previous games were bad, it just didn’t appeal to me as much as something based on new technology. Everyone has a preference for the games they enjoy and mine happens to be games based on modern or near future warfare. While this game is a sequel, the original Bad Company was only released for consoles (awful idea) so I really don’t have anything to say about that game. I don’t play FPS games on consoles. Period. Bad Company 2 managed to take the Battlefield series and make it fresh again yet also capitalize on the mistakes of IW and the COD franchise.

Let’s start with the single player campaign. It’s ‘OK’. I know you were probably expecting me to rave about it because of my previous statements about Modern Warfare 2, but honestly it’s just ‘OK’. It’s a short campaign that brings back the team from the original Bad Company yet doesn’t really explain what happened previously or why they have the name “Bad Company”. Since I haven’t had any experience with the original, it would have been nice if the two games were tied together a little bit better to bring new players up to speed. It also managed to not get me hooked on the team. The characters are decent, although full of cliche, but at the end of the campaign I still felt like I could care less about what happened to any of them.

With the single player campaign down, it’s time to move on to any FPS fans favorite part. The multiplayer. I’ll admit that I hate EA with such a passion that I normally refuse to play any game they have a part in. They manage to gobble up interesting games and franchises, then fire the original team and turn great titles into crappy games before moving on to the next hot item. I wasn’t thrilled with Dice using EA to distribute the game, but my love for Battlefield trumped my hatred for EA.

All online games have problems at launch. It’s inevitable. Whether it’s MMORPG’s or FPS games or even RTS titles, if they have a centralized server that needs to be contacted to play, chances are it’s going to be overwhelmed on release day and cause problems. BC2 was no exception. Log in problems, server kicks/restarts, lost points, poor performance. All these things plagued BC2 in the first couple of days. If this was any normal title, or a series that was new to the market, it would have spelled doom for the title and franchise. Dice managed to escape by making the best game of the year, and I’ll even go so far as to say the best game in the history of the FPS genre.

BC2’s game play is more immersive then any game I’ve played to date. Everything is done with such thought and detail that it’s hard not to get lost in it. From the deafening noise of a rocket going off next to you, to the creaks of steel support beams of buildings that just had it’s last load bearing wall blown out, everything sounds and looks amazing.

The Frostbite engine gives this game a level terrain destruction that is unprecedented. Everything can, and will be, destroyed. Is there a sniper camped out in a building causing trouble for your squad? No problem, bring the building down with some tank fire. Having a hard time keeping the enemy squad from disarming your m-com charge? Then lace the building with C4 and blow it up while the other team rushes in to try and thwart your efforts.

Everything in this game is hyper-realistic and done very well. The vehicle combat is difficult to learn yet engaging and rewarding. The 4 types of classes are all done well and serve specific purposes while also being able to compete with each other. That’s not to say there aren’t some balance issues, but for the most part they’re well thought out. The reloading animations are some of the best out there and the maps are gigantic. They give the Modern Warfare 2 maps a claustrophobic feeling.

After playing BC2, I’ve gone back to MW2 exactly 0 times. It was a decent game in a good franchise, but I realize now that what made me like Modern Warfare so much was that it was almost what I wanted to play. It was the best game in it’s market at the time and for that I enjoyed the hell out of it. The problem for MW2 now is that Battlefield: Bad Company 2 IS exactly what I wanted from this genre of game. It’s a modern millitary themed game that not only takes personal skill to play but also requires a level of team synergy that makes the multiplayer game much more enjoyable.

Check out the details of our PSKL dedicated BFBC2 server!

NOTE: InGrid recently changed their name to LifeShield, but the equipment and service is still the same as is reviewed here

If you are interested in how I got to this point, check out the first post.

As I discussed in the last post, I decided to go with the InGrid security system. I ordered up all the parts I wanted and waited for them to arrive. Before you even receive your hardware, you can set up your account with the web portal (http://myingrid.com/). You create a password for accessing the account as well as other security questions. All of this can be edited later but you might as well get it out of the way now. Once you finish, you can poke around the site and see what kind of settings are available to you. Interesting, but I just couldn’t wait for the hardware to arrive so that I could get started with…

The Install

The packaging and documentation were all very impressive. There’s a great attention to detail they show here and it does not go unappreciated. The photo above shows all the stuff I got to start with, although I might add more later. It includes some very nice signs which I think I’ll be leaving in the box. Letting people know you have an alarm system is one thing, letting them know exactly what kind you have is another. Maybe I’ll put up some Brinks signs or something. When you open up the big box, you get this:

A paper telling you, among other things, that “specialty sensors” can’t be added until 24 hours after system activation. No problem, plenty of other sensors to install first. It ended up being less than 24 hours for me anyway. Also included is a CD with PDFs of all the manuals. Then you get to the meat of the system:

The numbered boxes make it even easier than I thought it would be. These 4 units make up the backbone of your security system. They are already associated with each other so there is no “syncing” to be done with these items. Just follow the simple instructions for each box (basically, connect the internal backup battery and plug it in) and you are good to go. Here is a shot of the book showing how simple the instructions are:

As I mentioned, all of the items have internal backup batteries. Supposedly, the batteries will last around 24 hours if your power goes out. They are all simple rechargeable-phone-type batteries that you can buy at WalMart. First up is the base unit:

This guy is the real brain of the operation. You plug it into your internets and into your phone system (VOIP, in my case). It has a cradle for charging the phone unit, but the phone also comes with a charging base, so you don’t NEED to use this to charge the phone. I prefer hiding this somewhere out of sight so that nobody knows where to look to disable your system. If you are using your phone system as a backup, two of the other parts have phone jacks (the Console and the Grid Extender)…which means that this unit could be destroyed but either of those units could still phone home to the monitoring service. That’s part of what is so cool about this system…it is so decentralized.

Next up is the Handset and charger. Here is a pic next to a soda can for size reference:

This handset has all the functionality of the Console, which is up next:

Either the handset or the console can be used to arm the system, disarm the system, view the status of sensors, and act as a phone (the console acts as a speakerphone). You can set the console on a countertop or mount it on the wall. It needs to be connected to AC power at all times (the battery is really just for backup purposes) so you are somewhat limited in mounting options. These units are also used for adding sensors and other goodies to the system. We’ll get into that shortly. I should also mention that you can view your current weather on either of these units as well as any “weather alerts.” Neato.

I didn’t take a photo of the grid extender… it isn’t very exciting. Basically a brick that you plug into the wall. As I mentioned before, it has a phone jack which will be used to call the monitoring center if other systems fail. The grid extender also does what the name implies… it physically extends the network for sensors and other devices to be recognized by your system, so you should take that into account when deciding where to place all this stuff. You can even put a grid extender in your neighbor’s house (with permission, of course) and plug it into their phone line. That way, a thief would have to cut your internets, your phone, AND your neighbor’s phone to stop the system from calling in an alarm. If power, phone, and cable are knocked out for your entire neighborhood…well… I guess you are SOL… but InGrid says they have a GSM backup module coming soon, so you’ll be able to breathe easy.

Once you have these 4 items powered up, you can activate your system online with myingrid.com. Very simple process that involves getting a code from the website and then entering it into your handset. Done. Now you can start adding open/closed sensors to your windows and doors. Here’s a little video introduction to the open/closed sensors, followed by a video I made explaining the very simple process of adding a sensor to your security system:

Easy, right?

You can add a bunch of these sensors and then sit down at your computer and name them appropriately from there (if you don’t want to do it from the handset or console).

Once the 24 hours have passed, you’ll get an email to tell you that your system has been activated and you are now in “Practice Mode” for 7 days… which means that any alarm you set off won’t call the monitoring system. So you have 7 days fool around and see how things work without being afraid that the cops will show up and yell at you. This activation email also means you can install your other sensors and dealies. In my case, that meant keyfobs, a siren detector, and a motion detector.

Here are a few videos showing my experience with those 3 addons:

All of that was pretty painless, right? I was a bit annoyed at how the motion sensor integrates with the system, so it gave me an excuse to call their tech support. The problem is that it logs motion events whether the system is armed or not. I understand that concept with door/window sensors, but not with motion sensors… The idea is to keep them in living spaces, so that means you’ll be tripping it all day long. Every time it senses motion, the console and the handset both display “Open: Motion Sensor” as if it is a window you keep opening and closing. My event log on myingrid.com very quickly just gets spammed with these “events.” Sure, I can filter the event log, but I shouldn’t have to. I asked tech support about it and they basically told me that it “isn’t a big deal” and that’s just how it works. They are right, it isn’t a “big deal,” but it IS annoying. There should at least be an OPTION to set it so that motion detector events only get logged (or noticed at all) when the system is armed. Working the way it does, I’m going to put a cover over my motion detector and only take it off when I leave the house or go to bed at night.

Now that the system is up and running, the only thing left to do is give you a quick tour of the myInGrid web UI. The following slideshow takes you through a bunch of the important screens. Many of the features shown here are also available via their mobile-friendly version of the myInGrid site, including being able to look at content grabbed by the cameras attached to your system (I really need to get one of their cameras). If you move your mouse over the slideshow, the controls pop up at the bottom which will allow you to pause it or move forward or backwards in the slideshow. The caption on each screenshot explains what you are looking at.

View the screenshots here if you want to look more closely.

I already mentioned the cameras they offer to integrate with the system. They have a few other items that I don’t (yet) own, but you should know about:

• Glass break sensors – these recognize the sound of glass breaking and trigger the alarm
• Water/temperature sensors – these are convenience sensors that alert you to a change in temperature and/or water where it shouldn’t be. I need one of these for our upstairs laundry room.
• Smoke/heat detectors – you can use these rather than the siren detector I’m using.

I’m hoping that they’ll release some new products soon, such as:

• A thermostat – would be killer to be able to see the current temperature and change the desired settings remotely
• Light/appliance controls – or just add a module that supports X10 stuff
• An outdoor camera - preferably wireless. If it is wired, make it support PoE and include a power injector. Seriously. I will pay for this.
• A doorbell. This would be interesting to log events on, and it could just ring through all the same units that chirp when a door opens.
• How about a module with a dry contact interface so we can start to have some REAL fun with this thing…

The Conclusion

So that’s pretty much it… If you have any questions that I have not answered, feel free to ask in the comments and I’ll do my best. Aside from the motion detector silliness, I think this is the perfect home security system…well, it is perfect when used in conjunction with the .44 Desert Eagle I keep in my bedroom. Maybe I should put a picture of THAT in my yard rather than the InGrid signs…

In the next week or so, I intend to do a bit of testing on this system. For starters, I’m going to do a bit of sniffing on that base unit so I can see what the data moving to the monitoring center looks like (and if it is encrypted). When I have the data compiled, I’ll make another blog post.

To learn more about the InGrid systems, or to get your own, just click here. If you feel the information I have provided here was valuable and you end up purchasing an InGrid system, please PLEASE use that link… It is my referral link. I’d really like to get some free monitoring.

UPDATE: Evidently, LifeShield is having some sort of problem with their referral system. I have received zero credit for any referrals, even though I personally know two parties that purchased the system using my referral link. If you are a customer and you are trying to get referrals yourself, be sure to call them and double-check that you have received credit when somebody uses your link. If you purchased using MY referral link and you wanna be a real pal, PLEASE send me an email with the name you have on the account so I can contact them and get credit. email to jeremy at pskl .dot. us

NOTE: InGrid recently changed their name to LifeShield, but the equipment and service is still the same as is reviewed here

As a security-conscious home owner, I recently came to the conclusion that I want a security system in my house. Partially because I have a family and belongings that I’d like to protect, and partially because I’m somewhat paranoid, it just seems like a good idea. I thought I’d blog about it to share my experiences with others who may be considering the same thing.

You have a lot of options, of course, but the big two options are: DIY or professional. We’ll talk about the professional option first.

I got quotes from two different home security companies: one big one you’ve heard of, and one local shop. I asked for pretty much the same coverage and monitoring on both systems, and both quotes ended up being very close. Here’s what THEY were able to accomplish for me:

• open/closed sensors on every accessible window and door (all wireless)
• one central keypad/base unit
• two keyfobs for arming/disarming system (big clunky keyfobs that look like car alarm remotes from 1994)
• smoke detector (which is in addition to my existing house-wired smoke detection system)
• GSM module for communications with the call center (rather than using a landline… this accounts for $15/month on each service)
• warranty on all the system parts as long as you are a paying customer
• and the call center that monitors for burglary, fire, etc.

Both quotes were in the neighborhood of $1400 for installation. The local shop was going to charge $45/month for monitoring, the big company was going to charge $54/month. The biggest catch? Both came with a standard THREE YEAR contract. If you want to cancel the service before then, you have to pay a hefty fee. Lame.

FYI: I’ve heard horror stories about certain companies that will install a bunch of equipment for almost no cost, but then they have a big, nasty “buy out” fee (often over $1k) that drops WHENEVER you stop paying for monitoring service… even if it is after your initial contract is up. You basically have to buy out or pay for monitoring until you die. Neither of these companies work that way, but be sure to look at the fine print if you hear tales of free installs.

Neither of these were terribly attractive to me. I didn’t like the high install cost (I know they are gouging me on the hardware costs…I can look up the quoted parts on the internets, folks). I didn’t like the high monitoring costs (especially the big company… they charge extra every month for smoke alarm monitoring. Really?? It costs you more to call the fire company than it does to call the cops?). Those were perfectly acceptable, however, compared to the 3-year contract. Why three years? They clearly aren’t subsidizing the installed hardware with the subscription cost… so it is clearly just to screw the customer. They are simply afraid that you’ll decide in 6 months that you don’t want (or need) their service any more. I say BS.

I was also very disappointed in how low-tech all this stuff is. These companies seem to be mired in equipment and concepts from a decade ago, such as using POTS lines. The ability to use a GSM module to communicate with the monitoring center is clearly just tacked-on and meant to be used as a backup for landlines. It adds no functionality. There is no option for any kind of internet integration, such as email notifications or even SMS. The systems still simply call the monitoring stations when there is a problem rather than having some sort of heartbeat that is monitored, showing that all systems are green, etc. There is no mention of adding cameras to the system or integrating surveillance in any way. Even the salesmen are low-tech. The big company rep provided us with a quote that he came up with using a big calculator and wrote out on a piece of note paper. It was like I was buying a set snow tires. I’m guessing that this industry’s target audience is retirees.

So that brings me to the DIY systems. I did a great deal of research on these systems and learned quite a bit. I decided that a DIY system should do all the cool stuff the other systems cannot. It should be able to send me e-mail alerts or call my cell phone, at which point I can decide what to do about the alarm. It should be cheaper, and I shouldn’t have to pay for monitoring fees. I’d love to find a system that had a minimum of hardware and lots of software… perhaps a USB device that can interact wirelessly with some standards-based window/door sensors and an application that runs a web server of some sort. Wait… then I’d have to open a port to be able to access it from my phone… and I’d have to depend upon the software coders to be security-aware and not have a flawed httpd (not very likely)… and the whole thing would be worthless if my internet connection was down and/or my power is out longer than my battery backups last… so I guess I would need to have the software talk to an off-site server… and no such software/hardware seems to exist. Well, not as a DIY (please correct me if I’m wrong). This means we are back to paying for monitoring.

I’m OK with that, actually. The more I think about it, the more I understand the value of having pros monitor my system. If I’m unavailable to take a phone call and my alarm goes off, I want the cops or fire department to get called. I’m tied to my cell phone enough, I don’t need another reason to stare at it at all hours… “I need to check my phone and make sure my alarm system hasn’t called or emailed me!” No thanks. I also don’t want to trouble my neighbors or family by having it call them. So now I’ve settled on paying a monthly fee, it is just a matter of how much I am willing to pay.

In the course of my research, I looked at systems on the following sites:

• http://www.smarthome.com
• http://www.smarthomeusa.com
• http://www.homesecuritystore.com

Smarthome.com and homesecuritystore.com both offer monitoring service via Alarm Relay for $8.95/month. That’s a pretty nice price, right? I guess so, as long as you are only interested in simple phone monitoring. The service requires you to have a landline phone for the system. So much for my dreams of a nifty IP-based monitoring system. I don’t even have a POTS phone line and I don’t really want to get one. If I was a thief, that’s the first thing I’d cut before I enter a house. They also require a 1-year contract. Meh.

I found a few people talking about Elk systems…evidently, you can put together a pretty hard-core system using their hardware and software, but the stuff looks pretty intimidating. You can buy it and DIY it, but it is really meant for installers. I don’t want to be an alarm installer. I don’t mind getting my hands dirty for certain projects (especially if I think the knowledge gained will be useful in future projects), but this isn’t really one of them. I want something that is fairly simple to install yet feature-packed…and I don’t think that is asking too much. I also want the system to be super-reliable, not something that is a learning experiment for me.

After hours and hours digging through these sites, I tried another google search and I found something called InGrid Home Security. A quick look around their website and they had my undivided attention. I started closing the other browser tabs that I had left open. Here are a few of the features that caught my attention:

• No contracts. They bill month-to-month and you can cancel any time you want. Period.
• Monitoring for $19.99 or $29.99 per month (more on this later)
• Simple DIY installation
• Loads of options for email alerts/notifications
• Totally IP-based monitoring (a landline can be used as a backup)
• Complete control and personal monitoring via the web and smartphones (I can see if a door is opened or closed, for instance)
• Keyfobs that are 2-way, so you get a response as to whether or not your command was received (awesome)
• Camera integration, also viewable via the web and smartphones
• Inexpensive hardware, and very modular
• A sweet referral program

Sounds pretty good, right? I wish the monitoring was cheaper, but at least I’m paying to get a bunch of nifty features that I really want. Simply put, the $19.99/month plan is for self-monitoring (so you can use all the web features and alerts and such), $29.99/month is for full monitoring (which includes all the self-monitoring features, plus the main feature you want: they’ll call the authorities when there’s a problem). They also have a referral program that will net me free monitoring for life if I can get 5 people to get their own InGrid systems. Their website links to over a dozen glowing reviews from PCWorld, The New York Times, The Wall Street Journal, Yahoo Tech, and more.

Sold. I priced out a system that would cover all the same bases as the quoted “pro” installs. It came out to $485 for all the hardware. Not only is that crazy-cheap, but I actually am getting MORE than the pro installs offered: even the basic InGrid system comes with the central keypad AND with a secondary keypad that also acts like a phone… perfect to keep in the bedroom. There’s a 30-day money back guarantee, and since there is no contract, I could ditch the whole thing 6 months from now and sell the parts on ebay.

Since it is so cheap, I figured I’d add on a few more features: 2 more open/closed sensors that I’ll put on the garage doors and a motion sensor that I’ll use inside the house. Now I’ll be able to get a clear answer when I get to work and say “did I close the garage door when I left the house?” The only thing I didn’t order is a camera. I think I’ll get one or two eventually, but I can’t think of a good use for one quite yet. You have to use the InGrid IP cameras, unfortunately, and they only make one. I’m hoping they add a weatherproof outdoor version soon. Cameras inside my house that feed to a server I don’t control… that makes me a little queasy. Cameras outside my house showing me who is at the front door? That sounds OK.

So now my system has been ordered and I’m anxiously awaiting delivery. Their offices are less than an hour away from my house, I should have just offered to drive down and get the stuff… In my next blog post, I intend to meticulously document the install/setup process (including video) so you can see how it all really works. So come back in a week or so and a new post should be up.

Part 2 of this post is now available here, detailing my experience installing the system.

To learn more about the InGrid systems, or to get your own, just click here. If you feel the information I have provided here was valuable and you end up purchasing an InGrid system, please PLEASE use that link… It is my referral link. I’d really like to get some free monitoring.