Tuesday, April 29, 2014

Blocking Torrents on Library Computers

One issue for any location which provides free wi-fi are web-torrents.  Torrents are a way for individuals to share files over the internet.  When they are used legally they can be a great tool for transmitting information.  Unfortunately, web-torrents are often used as a means of illegally sharing copyrighted materials, and there have been cases reported of public and university library patrons using torrents to download pornographic materials on library wi-fi connections.  Torrents also eat up a tremendous amount of bandwidth, meaning one patron can slow down connection speeds for everyone who is using the library wi-fi. 

Some modern wireless routers include protocol blocking that allows you to block web-torrents with the click of a radio button.  The block torrents option is usually found in the Firewall configuration of your wi-fi router.  If you have multiple wi-fi routers that are connected via cable to a central firewall, then you would need to access your Firewall control panel to apply torrent restrictions.  On older routers you may need to manually configure protocol restrictions to block torrents.  Torrents typically use TCP and UDP connection protocols on ports 6881 through 6889.  Some varieties of torrent software can use up to port 6999, but blocking the 6880 ports should be enough to stop the majority of your torrent traffic, without running the risk of blocking ports that are being used by other programs.

The instructions listed below are protocol instructions and are not specific to any particular router.  You'll have to refer to the owner's manual of your device for exact instructions on how to access your router's Firewall Control Panel, or how to apply these conditions.  If you are on a university campus and have an IT Specialist available they should be able to interpret these instructions quite readily.

Step 1:
Open your Firewall Control Panel

Step 2:
Create Rule > Access Restrictions > User Defined > Protocols > TCP > Port Range: 6881-6889 > Select inbound and outbound traffic > Apply

Step 3:
Create Rule > Access Restrictions > User Defined > Protocols > UDP > Port Range: 6881-6889 > Select inbound and outbound traffic > Apply

Step 4:
Read any messages that appear on your router control panel, as many routers will require you to reboot after applying the changes to the Firewall settings


Testing to make sure the rules were applied

To test that the ports have been closed, take a Linux PC that has the program nmap installed, connect to the wi-fi network that you just applied your new rules to, open a terminal and type the following commands:

To check your ports are closed to TCP protocols type:

nmap -p 6881-6889 <local ip of your wi-fi router>

To check your ports are closed to UDP protocols type:

nmap -sU -p 6881-6889 <local ip of your wi-fi router>

For example, if the local ip of your wi-fi router is 192.168.2.1, then the first command you enter would be:

nmap -p 6881-6889 192.168.2.1

If the changes applied successfully, then nmap will produce reports which show all of those ports are closed to both TCP and UDP protocols.  


Saturday, April 12, 2014

Random Tip: Three beeps at start-up may mean it's time to replace the RAM

Every now and then I'll post random tips regarding things you may encounter while working in a library.

If a computer suddenly halts in the middle of what it's doing, tries to restart itself and makes three beeps that are coming from the machine's internal speaker and there is no image on the screen at all - not even a BIOS screen, it usually means one of the RAM cards inside the computer has failed.  The problem can be solved, and the machine restored to use by replacing the RAM chips on the motherboard.  RAM is also referred to as your "desktop memory" and refers to the chips long slender chips -there can be anywhere from one to four of them- that sit in inside the computer perpendicular to the desktop.

An image of a RAM chip

If you have IT staff at your library the best thing is to put RAM replacement in their hands, but if you are a small library and have to do the job yourself then one thing that's key is to make sure that the replacement RAM you purchase is the right speed.  When you pull the old RAM chips out there's usually a sticker somewhere on the chip which will say something like "PC5400 DDR2 667 MHz", that is the RAM speed of the chips, and you'll want to make sure that the replacement RAM you install matches the specs of the chip that you pull from the machine.  It isn't important to get an exact match on the brand of the RAM, as many PC manufacturers purchase their RAM from various suppliers, and often the brand of RAM that's installed stock on a machine can be very difficult to find.

It is important to purchase RAM from a company that has a good reputation.  Replacement RAM is a commercial product that's usually handled by computer experts so companies become leaders in the field by reliably providing working parts.  I have a personal preference for PNY and Crucial brand RAM chips as I've used them many times and have never had a defective part, but those are by no means the only producer of high-quality RAM chips, and preferences will vary.


Here's a link to a reputable website on how to replace your RAM.
http://www.howtogeek.com/101856/hardware-upgrade-how-to-upgrade-your-pcs-ram/

One item to reiterate before you begin this project: the PC must be disconnected from any power sources, and the power plug and all connecting cables must be pulled out of the computer before you attempt to replace computer RAM.  Failure to do so can result in a build-up of static electricity that will short out the motherboard and render your computer completely useless.

I'll be posting more random hints as things occur to me.