Know How... 136 (Transcript)
It’s time for Twit’s annual audio survey and we want to hear from you. Please visit twit.tv/survey and let us know what you think. It only takes a few minutes and your anonymous feedback will help us make Twit even better. We thank you so much or your continued support. Twit.tv/survey.
This episode of Know How Is brought to you by Smart Things. Smart Things lets you monitor, control, and automate your home from wherever you are using your smartphone. Right now Smart Things is offering Know How listeners 10% off any home security or solutions kit and you get free shipping in the United States when you go to smartthings.com/twit and use the offer code twit at checkout.
Today it is NAT, DMZ, Quad Copters and other letters.
Father Robert Ballecer: Welcome to Know How, it’s the Twit show where we build, bend, break and upgrade. I’m Father Robert Ballecer.
Bryan Burnett: And I’m Bryan Burnett.
Fr. Robert: And for the next 45 or 90 minutes we are going to be talking about some of the projects that we have been playing with over the last few weeks, so that you can take them home and geek out on your own time.
Bryan: That’s right. The things that have interested us over the last couple weeks in this last story actually kind of just frightens me.
Fr. Robert: Yeah, every once in a while we stumble upon a project that is like oh that is really cool. And then a second later we say that is terrifying.
Bryan: The possibilities are… so if you are wondering what that is, it is car hacking. What is the name of the kid?
Fr. Robert: The name of the kid is Eric Evenchick. I think he used to work for Tesla.
Bryan: As an intern or something.
Fr. Robert: Right. Smart kid. And what he has done is he has created an inexpensive device that runs between $60 and $100. It interfaces with the OBD2 port, that is the onboard diagnostic port in your car. Which connects to the CAN. That is the control area network. So that is everything that is connected in your car, which in a modern car is everything.
Bryan: Every car in the last two decades has the system.
Fr. Robert: Exactly. And controls braking, the engine, the entertainment system, the lighting. Basically anything that does something in your car that requires the input of a computer is connected to the CAN. So he has created a device that will plug in to the OBD2 port on your car and the other side has a USB port that plugs into your PC and it gives you access to everything.
Bryan: You have been able to get access to the OBD2 before but this is something that allows it to translate into a more usable, hackable format.
Fr. Robert: Exactly. The OBD2 port has always been there. Anyone who has messed around with cars has probably found it. There have been a lot of aftermarket car parts that will utilize the OBD2 port to advance timing, or to mess with the performance of the engine.
Bryan: Or to take off that speed limiter that might be there.
Fr. Robert: Yeah. Or even, for example like mine I just use it so that I have a separate screen that will log RPM and engine tach.
Bryan: There is a little dongle that you had and BYB that would log the miles in things like that in your admissions of things.
Fr. Robert: So it is a useful port, it is not like it is an exploit.
Bryan: It was designed in an era where they didn’t think of encryption, there is no password or anything like that to get access to that stuff.
Fr. Robert: No. Now, the one difficulty has been the language that the OBD2 port speaks is kind of cryptic and it really was designed for diagnostics. But what this dongle does, what this Eric has created is it converts it into a programming language that basically any hacker can figure out. That is cool. This is actually designed to be a tool so that you can look at the inner workings of your car. He says he wants it to inspire the next generation of car hackers to do things like change engine timing to increase performance or increase economy. Allow you to interface the entertainment system with other pieces of technology. The problem is this is so incredibly easily abused. Essentially anyone who has physical access to your car, and that is anyone. Unless you keep your car in a vault.
Bryan: It wouldn’t be too difficult.
Fr. Robert: All you would have to do is get inside, plug this and if you can reprogram someone’s CAN. If you read programmed their CAN, you can make their car react anyway you wanted to react.
Bryan: And with some cars you don’t even need to get physical access to the system.
Fr. Robert: We actually covered that story a while back. The connected drive.
Bryan: Something like that. But they were able to get into the system through the entertainment software.
Fr. Robert: Which, again is connected to the CAN. So we are starting to get in this era where manufacturers are going to have to figure that they need an air gap. There has to be an air gap somewhere that you can say, I don’t need any access to the computer that controls braking, or the engine. So let’s put that aside unless I physically do something better. Like a key or a code that has to be connected into a secure area. Otherwise, if you’ve got something like connected drive and it is not protected and it is really easy to get into, someone can rewrite your car as you were driving. And that would be so not good.
Bryan: From my own experience using the Rasp Pi or something like that I would love to be able to mess around with all the options. But sometimes it is like oh I should have done +1 instead of -1 and now my brakes don’t work, oops.
Fr. Robert: Well the Rasp Pi you could just reinstall the OS but with a car you can’t go, oh wow my brakes made the car go faster, I should probably trouble shoot this.
Bryan: Let me just hook that up.
Fr. Robert: So don’t panic, this is not cause for mass hysteria. It actually is really cool. Because we are DIYers, we are makers and any time someone releases tech like this it does open up options. But hopefully, the car industry will figure out quickly that they are no longer building cars they are building computers that have engines.
Bryan: Well, I love this technology and I love the idea of being able to tinker with the hardware that I own. But we are in a wild West era where things aren’t as secure as they should be. And it is something that car manufacturers are going to have to think about. Especially as we get into the time of driving driverless cars and things like that.
Fr. Robert: I will say I don’t have this device but I did play around a lot with OBD2 when I living in San Jose. And I managed to interface it with my laptop and it was very cool. Late at night when it was raining to be able to flick off ABS and all the stability control. And just go crazy. You can’t do that when that stuff is on. It was literally like click and we were good and then reset it when I was done.
Bryan: Just don’t forget to reset it. Or let someone borrow your car for a little bit.
Fr. Robert: I was driving a front engine, rear wheel drive car at the time. The amount of power that is in a modern vehicle is uncontrollable without the computer assist. Because if you try to drive a car the way that you drive the car that has all its computers on, you will put it out of control. It really makes you appreciate how much the computer is doing.
Bryan: It is good to have that appreciation. But please let me know before you do it.
Fr. Robert: Let’s go for a ride. All right, let’s get away from cars because what we want to talk about is networking. Specifically, we had a question from the member of the audience in the Google plus group. Bryan do you want to take that?
Bryan: Yeah. This comes from Miguel. He wants to know how to segment his network. “I want to segment off my home network but I cannot change my router to my current one. It does not support any features to do that. Some of my colleagues suggested a NAT on NAT, a firewall OS and a switch/router that supports VLAN. To me this sounds very complicated, is there an easier way of segmenting my network? Just to be clear, I want two networks to communicate with each other”.
Fr. Robert: Yes. So you are talking about a NAT on a NAT and that is actually not as dirty as it sounds. It sounds bad. We don’t like it, it is not an ideal situation but it is something that you can do if you don’t have more advanced gear. I am going to give you two different options. I am going to give you that NAT on NAT and I'm going to give you a VLAN option which we are going to go into a bit more depth. But before we do that, there is something that you need to understand about IP addressing. Now, Bryan, you know about how IP addressing works right? The IP address we have on the Internet is a unique number that is like an address or phone number that is unique. If a server pings 143. blah blah blah, it will get to you.
Bryan: That is your outside address.
Fr. Robert: That is your outside address. Those are called routable addresses. And IPV4. IPV6 works the same way but it is much longer.
Bryan: Right. Because they needed more addresses for more people.
Fr. Robert: IPV6 has more combinations then there are molecules on planet Earth or something like that. It is a ridiculous amount of numbers.
Bryan: So we shouldn’t have any worry about running out of IPV6.
Fr. Robert: Of IPV6, we are already out of IPV4. But IPV4 is what networking solutions has been using for the longest time. It is the easiest to visualize, so that is what we are going to use for the demonstration. Now there is a difference between what are called routable addresses and non-routable addresses. So in the beginning, everything was routable. The idea was you had 4 routable octets, but I can’t remember the combinations - was it 32 bit? In the 90’s we started to realize we were already running out of space.
Bryan: The 90s was kind of a long time ago now.
Fr. Robert: Then we came up with this wonderful thing that we call to NAT, network address translation. Because subnetwork engineers figured out wait a minute not every device that is on a network needs its own routing address. It doesn’t need its own address because we don’t want outside world to communicate with it. So we came up with these boxes that did what is called network address translation. And it allowed us to take a single routable address and share it among a lot of devices.
Bryan: And I would be your local network?
Fr. Robert: That would be your local network or LAN. But before that could work they broke off a chunk of the usable addresses and they made them non-routable addresses. So anything that is 192.168.0.0/16 so that is 65,536 possible combinations. 172.16.0.0 up to 172.31.0.x.x/20 so that is like a million something on to 10.0.0/24 that is all of it. All of those addresses are now non-routable. But what it means is that I can reuse these over and over again every time I go behind a NAT.
Bryan: I was going to say the 192.168 is very familiar.
Fr. Robert: Every device that you buy on the consumer market is probably going to start with 192.168.0.1 or 1.1.
Bryan: A Linksys router.
Fr. Robert: But the important part is that any of those devices can use any of these numbers. All of these non-routable addresses. And like I said, if I have two different routers they can both use the exact same number because those are non-routable addresses. They don’t have to be unique. As long as those numbers don’t translate power to the box is fine. Everything works fine.
Bryan: There is no conflict.
Fr. Robert: There is no conflict. Which freed up those numbers. So even though we were running out of addresses in the 90s, we didn’t actually run out of addresses until the 2010’s and that is because when we started NATing off the devices that didn’t need a real address is saved us a lot of space. It makes sense right? Okay, now. Now that we know that let’s take a look at this. This is what Miguel, ME, is suggesting. You’ve got the internet, the router and then you’ve got a NAT and a NAT.
Bryan: And now these other NAT’s are other individual routers?
Fr. Robert: Right. So what I am doing is I am having the Internet, I’m having my cable modem/router whatever this is going to be, I’m assuming this is a home network, and I’m going to use multiple NAT’s, using a unique non-routable IP address as its range. So this might be 192.168.0.1 and this is 0.1.1 and then .2.1 and .3.1. I could use the same for all of this but to make it simple for us to keep track I am going to use different addresses. Now here is the fun part. He doesn’t want these networks to talk to each other. This network will not actually be able to talk to this network or this network and vice a versa. Anything on the same level cannot speak to the other routers, the other NAT’s on that box. It can only speak to a single address.
Bryan: A single address that is connected to the Internet.
Fr. Robert: Right. Anything in one of these NAT’s can address any device that is in that NAT and can address any device that is in the internet.
Bryan: Okay. It just can’t see the other NAT’s that are on the network.
Fr. Robert: Right. That are on the same level. So for example if I had multiple of these, these are my favorite. These are the old standard. This is a WRT54G. This is a classic because you can see it is the Funero. The idea was to share your internet. They had a program where they would send you a free router and I got like 12.
Bryan: Did you use them for your own individual NAT that you needed?
Fr. Robert: So what I can do, is I can take this and I can put this all on the same network. And being on the same network both being NAT’s on NAT’s they can only see one address. The WAN address from the other device. So the devices with in each of these NAT’s would actually be protected unless I did port forwarding or something like that. Is this making sense?
Bryan: Yes, this is making sense. I feel like it is a little bit NAT-ception but…
Fr. Robert: It is NAT-ception but I would not do this.
Bryan: If you wanted to do a home network where you had computers on separate NAT’s this is the way you would do it.
Fr. Robert: If you wanted a simple way to do it and you had a bunch of leftover routers you can do this. It is not preferred because when you NAT a NAT you start to run into performance issues, you can miss configure things and make things bad.
Bryan: And what I always run into is my gaming machine so any Xbox or PlayStation’s connected to the Internet will have issues with the NAT and being open or strict.
Fr. Robert: Now, essentially can you do this? Yes. Should you do it? No.
Bryan: I guess the concern is that if you had an infected computer on your network you wouldn’t want that getting transferred to any of the other computers?
Fr. Robert: Yes. So, in this example if this was a public network that had the Wi-Fi spot in everything and it was an infection over here that computer could see this and could see that and would be able to see the WAN address of this NAT but wouldn’t actually be able to see any of the devices behind it.
Bryan: So it is like a firewall?
Fr. Robert: It is a firewall, you are creating a firewall.
Bryan: Like the Titanic, I can’t think of the word.
Fr. Robert: Compartments? Watertight compartments?
Bryan: Making compartments of your network.
Fr. Robert: Exactly. Now, this double NATing, and we don’t like doing that. Because that means your network address is translating a network address translation. Don’t like that. Don’t do that.
Bryan: That is when things start not talking to each other and stuff?
Fr. Robert: It will work, but it tends to start slowing down and if you lose things, just don’t do it. It will work. But don’t do it. If it is a short time thing great if not, then don’t do it. Let me show you a way really quickly. I’m not going to action show you how to do it until next week, but if you have a router that can run DDWRT, one of the cool things about this is that it does what is called VLANs, and Miguel actually did mention that VLANs were one of the possible solutions. VLANs are incredibly powerful. Essentially it allows you to take the same cable, so rather than botching all this and putting a NAT on a NAT on a NAT, if you have a VLAN capable router port or VLAN capable switches it allows you to separate your network without having to run multiple cables and put multiple NATs.
Bryan: Or buy more routers.
Fr. Robert: Exactly. And it is incredibly powerful. What I’ve got here is a little bit of a video that is going to show you in broad strokes what a VLAN and can do. Alex, could you push that magic button?
Fr. Robert: We’ve got a really good demonstration, a really simple demonstration on how all this works. Now explain to me what do we have on the table? We’ve got these Intellijacks, which by the way I have to add these are some of my favorite pieces of gear to come out of Interrock. These are essentially power over ethernet powered managed switches. But why do we have four of them on the table? And what are they doing?
We’ve got a real simple configuration here that I show people what VLANs are about. I’ll show you guys what this is all about. So pretend this is a regular switch that is in your environment 24-4 switch 48-4 switch or whatever it might be. Pretend this is another one. And in these two over here we are just using them as end stations, pretend those are laptops or what have you. We are just using those as a device that we compete to two verify that kind of activity. So again, very simple configuration of two switches and two and devices and we just essentially have two VLANs going across here, VLAN 11 or VLAN 12 and we are going to show you how these VLANs keep that separated. The originating laptop over there can see one VLAN but can’t see the other VLAN.
Fr. Robert: And that is what you are saying right now on this feed. And that is if got two windows, one is trying to Pete this device and one is trying to peak that device and as you can see traffic is only getting through on one of these. The reason for that is that we have set these up so that port 1 and port 2 have the same VLAN on this switch as port 1 and port 2 on that switch. Which essentially means the on this one cable I've created two isolated networks so that traffic doesn’t flow between them.
That is absolutely correct. So to further that just a little bit, this port number one here is VLAN 11 and this port number one here is VLAN 11. Number two here is VLAN 12 and number two there is VLAN 12. On the back, this purple cable goes straight from here in the back of this with and that cable has both VLANs. And that is the VLAN tagged with 802.1Q and 802.1Q is the technology in the standard use to tag the VLANs.
Fr. Robert: What I’m going to do is I’m going to go ahead and switch this over to Port 2 and in a second I should start to see pings off that second Intellijack. But tell me how does the tagging work? Where do the tags start, how do they end and how do they run to my network?
So most of your workstations and servers typically are not going to send out a tag and a packet, they have the capability to use these but typically they are not. So a packet is going to come in in this situation to Port 2 and is going to be untagged, the switch is going to receive that packet with no tag on it. It is going to look at it and say that port is only VLAN 12 so immediately any packet coming into the switch, even a behind switch that has no configuration on it, is essentially what they do is tag the packet as a traverse switch. So the switch can keep an I on where that packet is supposed to live. So again, it comes in and immediately the switch tags the packet for the VLAN 12 and sends it out the back with the 802.1Q tag on it with VLAN 12 in that tag.
Fr. Robert: You can see on the screen that we flopped. So now I can access the other Intellijack but that first Intellijack is no longer pingable. if that is all it was, that would not be all that impressive. I can actually start grouping together VLANs. I can start grouping together other ports to particular network zones. Show me how I do that on this interface and tell me why I would want to do that.
So in our example here, you look at the screen and you can see on port one and it can switch number two here. In Port number one it has what is called a PVID of 11 and Port number 2 has a PVID of 12. PVID says if I receive a packet and I don’t know what VLAN I should put that on, that PVID says you can only receive a packet that doesn’t have a VLAN tag on it put it on this VLAN. In this situation we are putting it on 11 or 12. So here we go. What I’m going to do is make that laptop peen both of these in devices. And the way we are going to do that is we are going to switch port 2 here to VLAN 11. Alright so here we go. That is going to apply and now, we need to switch this back over to port one.
Fr. Robert: In a couple of seconds after it has dumped out its cache, it should show was that it can help you need both of the devices. That is correct.
Fr. Robert: Now we’ve got both feeds so that one port is now able to see the traffic on both of these switches. Both of these ports. Now, this is a very small demonstration but hopefully it shows you the power of a VLAN and it will totally inspire you to go out and play. Because again, the best place for you to find out more about VLANs is to get some gear that speaks VLANS and just start playing with it. Start assigning VLANs, make a few mistakes, reset the gear, find out how to use them and find out how they can benefit you in your network.
Fr. Robert: Now, we are not going to show you how to load DD WRT onto your router of choice because we actually did that, the original Know How crew did that back in episode three. So if you go to episode three of Know How, it is Ias and Leo, and they actually give you step by step instructions of finding the firmware for your router and loading it on. What we will do next week is we will show you some of the different options because it is not just DDWRT. There is also tomato and open WRT, those are also good options. We are going to go back and forth on some of the pros and cons of each one and then we are actually going to show you how you would do VLANs inside a DDWRT equipped router.
Bryan: Cool. Even though episode three was a while ago, the process really hasn’t changed.
Fr. Robert: If you have ever upgraded the firmware on your router, this is exactly the same thing. The only thing different is what you will hear is a 30/30/30 and we will explain next week what the 30/30/30 is next week. That is the thing that holds people up sometimes but seriously if you’ve got a DDWRT capable router, and you are not using a custom firmware you are wasting the hardware.
Bryan: You are missing out. There are so many fun things you could play with. Mix-and-match.
Fr. Robert: And that is what we will do over the next couple of weeks we want to show you some of the more advanced features because it is not just the VLANs, you can do things to the wireless and some fantastic things to the wireless. We are going to show you some of the pros and cons of messing around with the wireless settings. We are going to show you how you can install your own open VPN if you want to run a VPN out of your house. And we are going to show you how to use static router which are actually incredibly robust. If you ever wanted to do enterprise style networking that you didn’t want to buy enterprise priced gear, you will be able to do it with custom firmware.
Bryan: Or you just wanted to open up some ports to a certain IP address that you can play games without a NAT?
Fr. Robert: It won’t work. The only way for you to play your Xbox is directly hooked up to the Internet. Actually we are going to be talking a little bit about DMZ in just a bit. But first, let’s go ahead and take a moment to thank the sponsor of this episode of Know How.
Fr. Robert: Now, you know that Bryan and I are big fans of the connected home. Everything should be connected right? Were not talking just my computer, my lights or my camera. I am talking about my thermostat, my entertainment system, my sound system, my appliances, my light. Don’t you kind of expect… they promised us way back when that we should all have houses that are like Iron Man’s Jarvis.
Bryan: That’s right. I want my garage door to open when I roll up into the driveway, I want to know everything that is going on and I want to be able to keep my eye on Tibs, my little dog.
Fr. Robert: The thing is, that technology kind of it exists. But they are sewed jumbled and there are so many different manufacturers that offer this thing or that thing where that light switch I really want but this humidity sensor that I would really like installed. But there is no really good way to combine everything.
Bryan: Oh, but there is.
Fr. Robert: There is. Smart Things. What is Smart Things? Smart Things was CES 2015 most valuable product in a home automation sector. This thing is not just a home automation system. It is a way to connect all of your devices. It starts with that. That is the hub. This is the device that is going to allow you to connect multiple devices no matter what you are using. You want to use your smart home with your Sona sound system, your Nest thermostat, you can do that. What about your Drop Cams? Of course. Now the thing is, it is not just connecting member it is getting it the smarts. So that you can use something like the moisture sensor under the house so that it turns on a pump when there is water in the basement. It could use something like the open and close sensors to control security so that you will know if someone is entering your house. My personal favorite is this. That is the presence sensor. When you walk near your house, it knows that it is you and it sets everything to your settings.
Bryan: Where I would have it is to turn on in my life when I come walking up to the door.
Fr. Robert: For me I have it turn on the lights, turn down the temperature, I like it cold. But also do things like turn on my sound system. It is also integrated with my Drop Cam so if someone violates a boundary within the Drop Cam frame, I get a text warnings saying there is a package for you or someone is coming to the front door.
Bryan: Sometimes Shara will take my dog to her parents house but I still want my house to be protected so I could hook up one of these to play a barking noise when motion is detected at the gate.
Fr. Robert: It can do it all with Smart Things. Now, Smart Things is CES 2015 highest placed home automation system that one editor’s choice award. You don’t have just lights, locks, thermostat, you’ve got everything. And that is what Smart Things lets you do. You can control everything with intuitive controls that let you use set the rules on your smart phone through their free iOS, android and Windows phone apps. Now with Smart Things you can customize the way that you’re smart devices talk to each other. Just like Bryan and I just said make your house react the way you want it to it becomes your own personal Jarvis. You can set your lamps to brighten each morning at sunrise or whenever you want to wake up. You can protect your things with home security motion detection sensors, water detection sensors and more. You can set the cameras to take a series of photos when unwanted motion or injury is detected. And you can have your doors recognize you when you walk up. And have them unlock themselves. Welcome home. There are so many different ways to customize your’s Smart Things home. Now here is what we want you to do. We want you to get started setting up your smart home right now. Smart Things is offering Know How listeners 10% off any home security or solutions kit. And you will get free shipping in the United States when you go to and use the offer code twit at checkout. Smart Things. Your smart home now. We thank Smart Things for their support of Know How.
Bryan: Thank you, Smart Things.
Fr. Robert: Now, Bryan.
Fr. Robert: We took two weeks off from the Alien X Quad Copter build because we wanted to give people a chance to..
Bryan: To catch up. To get the parts so they could play along.
Fr. Robert: But those two weeks have elapsed and it is time to show them how to put it all together. Alex, do me a favor and push that magic button.
Fr. Robert: in the last installment of Project Alien X we showed you the parts and tools that you will seem to build the stretched 450 class quad copter. This time we are going to show you exactly how to build it. The first step in integration is mounting motors on the Alien X arms. Your frame kit should have included 4 arms in 2 different colors. Decide which arms will be forward and which ones will be asked. Now mark your arms from 1 to 4. With one being the forward left and two being the forward right, three aft right and four aft left. This is important if you are using motors that are threaded for clockwise and counterclockwise operation and it is just good practice if you ever need to disassemble your Alien X. In our set of EMAX 2213 motors, the two red Motors are threaded to turn counterclockwise while the two black Motors turn clockwise. If you have a similar set up rotation for the motors but are unsure of which way they are designed to operate, just remember that holding the prop that while turning the motor in the direction it is supposed to turn will tighten the nut. Take our number one and one of the motors that turns clockwise, again in our build it is one of the black cap motors. Then mount the motor to the arm using four M3 – 0.58 mm machine screws. The length is important. Because 6 mm screws won’t penetrate far enough into the motor housing and 10 mm screws will penetrate too far. Apply a very thin dab of Loctite glue on each screw to prevent them from vibrating loose. Repeat the process for all forearms. Our number three gets the other black cap Motor while arms two and four get the two red capped counterclockwise turning Motors. Now that the motors are mounted let’s get the electronic speed controllers installed. If you are using the EMAX 2213 that we suggested then you already have pre-soldered male 3.5 mm bullet connectors on the motors. However, our ready to fly quads red series 30 amp ESC’s need female 3.5 mm bullet connectors on the motor leads and male 3.5 mm bullets on the power lead. I actually prefer to not have pre-soldered connectors on the ESC’s because it allows us to cut the motor leads down to keep excess wire to a minimum. Read your motor leads up through the lattice of the arms with their connectors ending up on the upper surface. Then place the ESC towards the rear of each arm and eyeball how much wire you can remove. Account for the length of the wire but if it is too short you will have to solder new wires. Measure twice and cut once. Then repeat the process for all four ESC’s. It is time to solder the connectors. Strip about 4 mm of insulation from the ends of the ESC’s motor leads, ten your leads then solder 3.5 mm female bullet connectors to each lead. The easiest way to attach the bullet connectors is by heating the bullets until you can flow solder inside the mounting cup. Fill the cup halfway with solder and then insert your pre-tened lead. Allow the solder on the lead to reflow. Then remove heat and hold the wire in position until the solder cools. With the motor leads down you can now solder male 3.5 mm bullet connectors onto the power leads of the ESCs using the same process that we used for the female connectors on the ESC motor lead. Double check your work, look for a empty mounting cups are obvious gaps between wires and solder. The heat shrink will hide bad joints so it is best to take a second and third look now. Once your satisfied with your soldering work use lengths of 3/16th inch heat shrink tubing to insulate the connectors. For the female connectors you want to cover everything from and of the connector to a quarter inch past. For the male connectors insulate everything from the rotating part of the bullet to a quarter inch past. Connect the motor leads to the leaves on the ESC’s and zip tie them to the far end of the arm away from the motors. The ESC should be securely mounted to the arm and I like using a second smaller zip tie to secure the motor leads. But don’t overly tightened the motor leads and don’t zip tie the wires to the motors. As we may need to swap several of the connectors when we check motor rotation in the next segment. Set the arms of side and let’s make a power harness. Our power harness starts with a 45 mm power distribution board from ready to fly quads. Basically any power source you connect to the positive and negative leads on the inside of the board will be distributed to any devices that are connected to the positive and negative leads on the outside of the board. The board comes with soldering points for 8 ESC’s and three peripherals but we are always going to use the four point towards the front and the back of the board. Cut 8, two inch lengths of 14 gauge silicone wire. Four black and four red. These will become the leads that go from the distribution board to the power leads on the ESC’s. Also cut a pair of 5 inch lengths. These will become the wires that connect the power distribution board to the battery. Strip 4 mm of insulation off of each end of the two inch wires and tend each end. Now solder a female 3.5 mm bullet connector to the end of each of the 2 inch wires. Insulate each connector with heat shrink tubing as before. The 5 inch pair of wires will be connected to a female XT 60 connector, a popular connector found on many LIPO battery packs. Soldering XT60 connectors can be a little tricky because too much heat will melt the plastic housing surrounding the XT 60, warping the alignment of the conductors or destroying the connector altogether. I’ve found that the easiest way to solder the XT 60 is to first plug the connector into its opposite to spread the heat and to maintain alignment of its conductors. Insert your pre-stripped and tend leads into the correct cup. Note that the negative lead will always be on the side of connector with the cut corners. Then apply heat to the wire, not the connector. When the solder on the pre-tend wires start to flow quickly apply solder to the wire and fill the cup. Never spent more than eight seconds applying heat and make sure to let the XT 60 cool before soldering the other wire. Once your wires are attached use 3/16 inch heat shrink tubing to insulate the conductors. Now let’s assemble the power distribution board. Making sure to match the positive solder points to the red wires and the negative points to the black wires, solder each to which lead to the board. Making sure to use the front two and rear two contact sets for the ESC leads. Take the 5 inch leaves and solder them into the contact points on the inside of the board. You can use either side of the board but you will want all your wires mounted on the same side, it doesn’t have to be pretty but try to avoid an excess of solder which risks a bridged connection, a really bad thing when you are passing 50 to 100 A through the board. With our leads in place and the boards checked for solder bridges it is time to mount the power distribution board on the lower half of the frame. If you are wondering which plate is the lower half, the lower half is wider and longer than the top half. Using nylon spacers and the pre-drilled mounting holes secure the board so that the solder points point up and the power leads point into the front and rear of the frame. If you have the spacers you can also screw spacers on top of the board with a total height of 1 1/2 inches. This will allow you to secure the board to the top frame once the arms are installed, making your framework rigid. Remembering that the numbering of your arms, attach them to the bottom plate with two screws each. Pass the power leads through the arms and connect them to the leads from the power harness. Make sure not to flex the frame or put any undue pressure on it since it is relatively fragile until the top half of the frame is attached. Using the included screws, attach the top half of the frame to the arms. Once those are fastened use four aluminum posts to complete the tail towards the rear of the frame. Then zip tie your receiver to the tail and use the excess zip tie length to secure the receiver’s antenna. Using more nylon spacers about the flight controller on the top deck directly above the power distribution board. This is the center of gravity for your craft. I’m mounting the flight controller on the top deck because I am using a K2.1.5 board and I want easy access to the controls while tuning. But you can also mount your flight controller within the frame just above the power distribution board. Using the four included rubber adapters install the clean plate on the nose of the alien X. This clean plate will allow you to mount go pro style cameras on a surface that is somewhat isolated from the rest of the frame, reducing vibration while placing the camera in the nose of the craft. Now it is time to wire the flight controller. We are using the KK. So if you are using something else you will need to modify these instructions to fit your controller. The ESC’s will be connected to the row of pens to the right of the KK with the topmost set of pens for ESC one, the second set for ESC two and so forth. The number of the ESC is the same as the arm member I have you marked earlier. When connecting the ESC’s to the controller, make sure the ground wire is to the outside of the board while the positive wire is to the middle and the signal cable, usually yellow or white, is on the inside. Most non-opto ESC's include a battery eliminator circuit or BEC that provides five or 6 V of power to the flight controller and the receiver from the main battery. But they can also fry electronics if incorrectly connected. Check and double check your connections before you apply power. Also, while the KK will only accept power from the first ESC some flight controllers will fry if you connect them to more than one BEC equipped ESC. If you are using such a flight controller, snip the red central wire on ESC’s other than the first. Your receivers should have the schematic for which pins are signal and which are power. Plug one of your signal leads into the pins for channel 1 making sure to use the white or yellow wire for signal. Plug the other side of the lead into the topmost center pins on the left side of the controller with the white or yellow signal cable towards the inside of the KK. Take a second lead and connect it to just the signal pins of channels two through four on the receiver and then connect the other end of that lead to just the signal pins closest to the screen for channels two through four on the flight controller. Use the last lead to connect channel 5 from the receiver to the controller. Our KK came with a small alarm that gives us audible information about arming status voltage and if we crash and the weeds, location. On the top left side of the KK there are two pins labeled buzzer. Connect the red lead to the positive pin and the black lead to the negative. Now for the moment of truth. We are going to connect power to the alien X for the first time. Re-check your connections to make sure that you have not cross connected anything and make sure your props are not yet on the motors. Then, standing ready to remove power at the first hint of trouble connect your XT 60 power connector to a LiPo battery. If all is well that you should hear the flight controller B and C the LED screen light up. If so, congratulations. In the next segment of Project Alien X we are going to set up your receiver, to your flight controller, set motor rotation, square of the center of gravity and get you ready for air.
Fr. Robert: In the next episode we are actually going to show you some of the finishing steps. Because you do have to calibrate and set up the flight controller. You have to balance the craft, and hopefully you have already balanced your props as we told you how two weeks ago.
Bryan: I’m ready to fly, Padre.
Fr. Robert: I know, right? But building is actually part of the fun.
Bryan: I know, that Is why I let you do that. Then you let me crash them so you get to build them again.
Fr. Robert: That is kind of true.
Bryan: That is why we are a good team. I break them, you build them.
Fr. Robert: Let’s get away from quad copters for a bit because we will have plenty more. Because the next week you are going to have to learn how to set the center of gravity of these crafts. As we get bigger and bigger, that becomes far more important. Actually we did have a question about that. People were wondering how important balancing your quad is. It is incredibly important. The problem is, if you have one side of the craft that is heavier than the other the flight controller is going to do what it has to do in order to balance it. In other words, it is going to increase the thrust on the side that is low and decrease the thrust on the side that is high. The problem is, even though it looks level your Quad is actually using more of its power up front. Which means that when you do want to use it you don’t have much range left.
Bryan: I’ve notice when trying to do certain maneuvers if I am coming down at a certain speed or trying to go up at a certain speed it definitely affects the handling of the Quad if it isn’t balanced.
Fr. Robert: You just feel it. It won’t go as fast forward as it does backward. Or it won’t go as quickly to the left or to the right. The more balanced your craft is, the more power you need in reserve for when you actually want to punch it and make it do fun stuff. By the way I can’t remember who, but someone did in the Google plus group say that he landed his 250 in a pond. That is my nightmare scenario. I fly over water because it is beautiful but I know that if it goes in and it is gone. I won't get it back. I’m sorry.
Bryan: If you are going to be flying in an area overwater it might be a good idea to get a frame that will cover most everything. There is a quad that you can fly off your sailboat or something like that right?
Fr. Robert: We do you have an episode I think it is like 2 1/2 months from now where I am going to show people how to waterproof and pond to their quad. So if you do want to fly over water you can do it. Just be prepared. Now we do have a another question about networking. Bryan?
Bryan: This comes from Benjamin and he wants servers without hackers. “ If I want to run a server on one of my computers what is the best way to secure it and make sure that hackers cannot get to the rest of my network if they hack that server? Or would it be better having it on a nether Internet connection?”
Fr. Robert: Okay, this is actually a very good question. He wants to know if he runs a server at home, it could be any server, a game server, a file server or whatever it is going to be. If he allows people to access that server, what would happen if that server got compromised? The short answer is everything. Everything bad would happen. If you have the server in the same segment as everything else, if that server gets compromised and that server can see everything else then bad things can happen to everything else that is on the same network segment.
Bryan: Would this be kind of like what we were talking about earlier? Would this be something you would keep on a different server?
Fr. Robert: Yes. A different network or a better network. Better would be to put it in its own VLAN. So you have a VLAN that is set up so that only the devices connected to that port, which would be the server, can connect to the Internet. They can’t see anything else on the rest of the network. And the rest of the network can’t see it.
Bryan: Okay. What if you are at home and you want to access the server? You’re going out to the internet and coming back?
Fr. Robert: Yeah. Well actually what you are doing is going to the edge of the router and then coming back. It is not that big of a problem and it is actually far more secure. I am paranoid about running a server inside of my production network. Because, by definition I am allowing people to access it. And if I am allowing people to access it that it means that thinks can happen to it that I don’t anticipate. And I don’t like having anything in my core network that has the that I am not anticipating.
Bryan: And you would have to port forward to the server?
Fr. Robert: Let's talk a little bit about that. Because I remember there was this one guy who wanted to play games. So he decided the best way for him to be able to play games on his PC would just be to set up the DMZ to the IP address of his PC.
Bryan: That way he just got free access to everything. There is nothing holding you back.
Fr. Robert: There is also nothing holding them back. Okay. Refer back to our NAT discussion. Remember NAT allows you to take one routable address and share it with a bunch of non-routable addresses. And one of the advantages of that is something on the outside can’t actually see something on the inside. Unless you open up a DMZ. If you open up a DMZ you are basically saying everything, all the traffic that hits that routable address goes to one specific non-routable address on the inside which is a essentially the same thing as taking your computer, throwing away the firewall and plugging it into the Internet and saying hey, come own me!
Bryan: And DMZ stands for what you think it might? Nothing protected.
Fr. Robert: Nothing protected - just go. Now that used to be useful in the old Internet days when people were very ignorant of some of the threats that were out there. Never, ever use a DMZ. The only time I would suggest using DMZ is if you are doing something inside your network like NATing a NAT. I could actually take the DMZ and assign it to the web address of one of the other NATs inside of my network. And then I give that the ability to do cool things. But I would never take a DMZ and throw it on a particular device.
Bryan: Could we run a test some time where we have a computer on a DMZ and just see how long it takes to get compromised?
Fr. Robert: Yes. We can do that. And believe it or not, if you run a windows XP machine clean and clear with fresh installation on the open Internet which we can do. I would think within five minutes we would be compromised. There are scripts that are running constantly and within five minutes something would happen.
Bryan: Is the DMZ something that you have to be concerned about if you use it on a console? Or use it at all on anything in your home network?
Fr. Robert: Just don’t. Remember what a DMZ is allowing you to do is it is allowing you to take all the ports, all 65,536 possible ports, and they can all access that one device. An issue with a lot of older Windows boxes is they know well enough to block certain ports but they leave a lot of other ports opened by default. Even if they should be. And so what I would do if I was running an exploit I would be looking for those open ports and once I get one that is not properly protected I can now own the machine.
Bryan: And that is when you can insert malicious files and things like that?
Fr. Robert: Literally owning that. I can use the machine as if I am sitting in front of the keyboard. Scary. Now we have addressed a better way to do this. If you look at episode 101 of Know How, we actually did port forwarding and port forwarding, we did this with cameras remember? we could use this same vein for that server if that server is an FTP server. I know that is port 21, so I would only forward port 21 to the server and all the other ports would be shut down. Or if I knew that my gaming server is on port 2100 I would forward just port 2100. So if you want to know how to do that go to Know How episode 101. Which is kind of great. And you’ll figure it out.
Bryan: We were so young back then. I remember that. Oh no. That was terrible.
Fr. Robert: You had a lot of hot spots. This makes me realize he should never be given toys.
Bryan: We have way too much fun on these shows. I guess that about wraps it up, it’s been about 50 minutes.
Fr. Robert: One last thing. This is not a segment. This Is just a really quick preview. People have been asking when we are going to start doing 3-D printed objects. We can show it to you yet because the 3-D printer we have has not actually been released. It won’t be released for another month. In a month we are going to be going crazy on printing 3-D objects. It is not just these really cool shapes. But it is things that will help us in the other projects that we are doing. For example, I decided I wanted to start building a retractable landing system for some of my Quad copters. I came up with a quick mockup and this is just a servo attached to a little strut. What happens is when I activate the servo it allows me to extend and retract a landing gear. This is a super crude initial go. This is basically just me not sleeping. I have made a little tri-copter mount and the base is solid. My design for the upper plate did not, no. It kind of imploded in the printer. But when this is done, this will allow me to tilt my motor back and forth so I can actually have a Tri-Copter. The cool thing about this is that I have designed it so that it can takes standard and aluminum dowels. It is actually really solid. This is a lot stronger than I thought it would be. However, this did allow us to create some objects that would address another question that some people in the Google plus group had. They have about angled arms. And what the angled arms on quad copters are all about. Now, when you have a standard Quad copter, here is a 250 that some of us have built and crashed. There have been a lot of crashes and send us some of your crash footage, it is awesome. But, the way that we move a quad copter we reduce power on the motors in the direction we want to move and we increase power on the motors away from it. I want this to go forward I would dip it like this and now these motors are basically pulling me forward. The problem with this is that if you have flown quad copters you lose a bit of control when you do that. And you lose altitude. You have to increase the rest because you are falling. And it can make going around hairpin corners a little bit tricky. What we have been able to do, is tilt the motors inward. What tilting the motors inward does, is twofold. First if any of you have ever tried to go straight down, you are going to notice how it kind of wobbles. That It is because all the thrust is going straight down and you were flying into the air you just created. If you angle the motors so that they are all facing a little bit inward the thrust is going at an angle away from the craft of you are actually flying down into cleaner air.
Bryan: It gives you a little bit of a cushion.
Fr. Robert: It gives you a cushion and it allows you to get more steady shots. Check this out. This is the 250 frame that we have been using.
Bryan: They look like normal frames but they are…
Fr. Robert: This is a 250 frame that you can also give from hobby key but notice how it has a little bit of an angle to it. What that angle will do is allow you to use larger props that it gives you a natural upheaval so that I could take all of the components from this craft, put it on this board and now it is going to fly like a different craft. And, this is what I really like. When I am going forward and tilt forward so that these motors are up to pull me forward but the motorist here are no longer pointing, they are flat. Which means I am not going to lose altitude as I am going to those curves.
Bryan: That is cool. I want to play with them.
Fr. Robert: Yeah. This is nice. But, I bring this up only because the other night I was sitting at my desk and I was like you know what I want to give the audience a way to retrofit their craft without having to buy a brand-new frame and move everything over. So, I came up with these. I 3-D printed this on our not yet existent printer. These are just little stand offs, they are angled and they go under the motors on top of the motor mounts. What they will do is actually angled motors about 10° so that you get most of the same affect that you would from a frame with headrow. And the cool thing about this is that the total cost on something like this is ten cents. What I want to do when we get the 3D printers up and running, I want to print out a bunch of these and send to anyone in the audience that wants to mess with them.
Bryan: Just mass produce these.
Fr. Robert: Exactly. And the nice thing is that you can retrofit your old craft and it will feel like an entirely different craft. It feels much more aggressive. You do lose a little bit of flight time because the motors are kind of at odds with each other but it just makes it a much more fun ride.
Bryan: That is pretty neat. It is like adding different suspension to your car.
Fr. Robert: Now next week we are going to be continuing with the Quad Copter build. We are going to finish it out and let you get it into the air. We’ve also got our special on VLAN so I am going to show you how to VLAN off your network if you have a DDWRT compatible router and Bryan, you’ve got a segment on smart watches.
Bryan: That’s right. The Apple watch is coming out soon. I’ve been using the Moto 360 pretty religiously since I first got it but I thought maybe people would want to play with the do it yourself watch. That is much cheaper.
Robert: We like
DIY. Folks we know this has been a lot of material and believe it not we’ve got
some great notes for you. Including step by step directions. I literally wrote up all the instructions for assembling Project Alien X so if
you watched that video and you were a little bit lost, watch it along with the
instructions and it should guide you through each and every single step along
the way. We’ve also got notes for where you can buy various notes where you can
check out the data base for DDWRT compatible routers. That is just a great
resource to have. Where do they go to find that?
Bryan: They can find it at twit.tv/kh and like we pointed out earlier in episode 101 you can go back and flip through that because that is where all our old episodes live. There are also handy links for subscribing and yeah. You got drilled last week. Padre has been doing a good job with all his step by step notes and you can find all the links that you need to buy things, along with the prices and stuff. Yeah, but that is not the only place you can find our stuff.
Fr. Robert: You can find us on Google Plus. In fact that is where I insist you go. It is an 8000 member strong group and just go to Google Plus and look for Know How. It is not just Quad Copters, we’ve got quite a few networking geeks in there. We’ve got a couple people suggesting Rasp Pi and Ardueno projects. Jump in. That group is really the way that we figure out what you want to see on the show. Do us a favor, don’t just get in there and say I hate everything. In fact that doesn’t help. Suggest projects that you actually want to see on the show and if we can do them, we’ll do them.
Bryan: Yep. If you think we’ve been talking about something too much, that is fine but at least give us a suggestion of something else you’d like to see.
Fr. Robert: Don’t forget GPlus isn’t the only place to find us. You can find us on Twitter. I’m @PadreSJ.
Bryan: And I am @ cranky_hippo.
Fr. Robert: Follow us and you can find out what we are doing for every week of the show as well as suggest topics for future shows and see what we are doing just in general.
Bryan: All kinds of shenanigans. And speaking of Twitter. @anelf3…
Alex: We are out of time, Bryan.
Fr. Robert: Whoa, whoa, whoa.
Bryan: Somebody convinced me to put Windows 10 preview on my gaming PC downstairs last night. First thing that happened when I got to it this morning? It froze. I think it is okay now, I think it needed a good re-boot. We might do some Windows tips in upcoming episodes.
Fr. Robert: Give him some love folks. He just sits behind his desk and gets grumpy.
Alex: We are really out of time.
Fr. Robert: Fine whatever. Until next time I’m Father Robert Ballecer.
Bryan: And I’m Bryan Burnett.
Fr. Robert: And now that you know how…
Bryan: Go do it!