Hi,
Real simple question,
Has anyone configured it so you can access the swremote from the internet instead of just on the local network?
My windows mobile device is never on my home network but always on the internet, it wuold be cool to just fire up the swremote and have it connect to my housebot at home.
If anyone has done this was it a simple port forward or something more complex?
thanks
Raptor
swremote outside of network
-
raptor_demon
- Senior Member
- Posts: 141
- Joined: Tue Jul 07, 2009 12:55 pm
- Location: NC
Re: swremote outside of network
Yeah it's a simple config. In your router, forward port 5015 to your HB server address and set up a free DynDNS.com account and load the updater client on your HB server - note, some routers have dynamic dns functionality built in so you wouldn't need the client. Dlink is one example.
Dynamic DNS works by pointing yournamehere.dydns.org to whatever temporary address your ISP has assigned to your internet connection. That step gets the data from it's point of origination on the internet to your doorstep. Before it can enter, the router has to tell it where to go on the inside segment of your network. It does this though a NAT mapping. The NAT entry will basically says; "Everything that comes in from the internet on port 5015, send to the computer at 192.168.1.104 on port 5015"
Google reverse NAT, or static NAT for your particular router and I'm sure you'll find a ton of examples. Post back here if you run into trouble.
Terry
Dynamic DNS works by pointing yournamehere.dydns.org to whatever temporary address your ISP has assigned to your internet connection. That step gets the data from it's point of origination on the internet to your doorstep. Before it can enter, the router has to tell it where to go on the inside segment of your network. It does this though a NAT mapping. The NAT entry will basically says; "Everything that comes in from the internet on port 5015, send to the computer at 192.168.1.104 on port 5015"
Google reverse NAT, or static NAT for your particular router and I'm sure you'll find a ton of examples. Post back here if you run into trouble.
Terry
-
raptor_demon
- Senior Member
- Posts: 141
- Joined: Tue Jul 07, 2009 12:55 pm
- Location: NC
Re: swremote outside of network
Thanks Terry thats what i figured, how secure is this?
Raptor
Raptor
Re: swremote outside of network
Well, I've never heard of any vulnerabilities with HB, but that doesn't mean there isn't any. I think its probably more of a case of security-by-obscurity. HB isn't widely known, and the port isn't in the range of the script kiddie's default scans plus you could always move the wan-side port to something else and map that back to 5015 on the LAN side. You can also put a password on your SWremote - I don't know if the data is encrypted or sent in the clear but the password would slow somebody down at least. In addition to the password you can used strange theme names and dyndns hosts names. Name your theme something like o45yr4 and your dydns host account K8kn39.dydns.com and you're less vulnerable to somebody guessing "phone" and kyleshome.dydns.com.
I also limit the ip addresses that can connect through the port in my router. I limit them to known AT&T ip addresses since that's what my and my wifes phone use. To find the addresses, I just brows to whatismyip.com from the phone at random time to collect the different ip addresses that the phone uses. I'll put the 8 bit or 16 bit address in the router for that NAT port. As an example: if I find that my phone is using 82.7.23.1 then I may put either 87.7.0.0 or 87.0.0.0 in to allow that full range. That keeps me from having to put 30-40 different ip addresses in and still helps to limit what can access the port. I also restrict the port by specific times of the day - rarely do I use the port in the middle of the night so I turn off access then.If you happen to run a linux or BSD firewall you can take further steps by filtering by MAC address. You can also setup a secure VPN (if you router supports it) and connect though that first if your phone supports VPN connections.
Terry
I also limit the ip addresses that can connect through the port in my router. I limit them to known AT&T ip addresses since that's what my and my wifes phone use. To find the addresses, I just brows to whatismyip.com from the phone at random time to collect the different ip addresses that the phone uses. I'll put the 8 bit or 16 bit address in the router for that NAT port. As an example: if I find that my phone is using 82.7.23.1 then I may put either 87.7.0.0 or 87.0.0.0 in to allow that full range. That keeps me from having to put 30-40 different ip addresses in and still helps to limit what can access the port. I also restrict the port by specific times of the day - rarely do I use the port in the middle of the night so I turn off access then.If you happen to run a linux or BSD firewall you can take further steps by filtering by MAC address. You can also setup a secure VPN (if you router supports it) and connect though that first if your phone supports VPN connections.
Terry
-
raptor_demon
- Senior Member
- Posts: 141
- Joined: Tue Jul 07, 2009 12:55 pm
- Location: NC
Re: swremote outside of network
Hi Terry,
It worked great thanks.
Now if i could only get the dynamic images to work correctly.... on my windows mobile 6.5 touch pro 2 they do not show up correctly.
Raptor
It worked great thanks.
Now if i could only get the dynamic images to work correctly.... on my windows mobile 6.5 touch pro 2 they do not show up correctly.
Raptor