Loading ...
Sorry, an error occurred while loading the content.

Re: Access LinkStation from Internet

Expand Messages
  • James Stewart
    ... These Microsoft networking ports are typically blocked out on the public Internet, and for good reason, not only is there security concerns, but they also
    Message 1 of 6 , Oct 28, 2007
    • 0 Attachment
      --- In LinkStation_General@yahoogroups.com, "cheungderekca"
      <derek.cheung@...> wrote:
      >
      > I thought sharing my Linkstation over Internet was simple but it
      > turned out to be more difficult.

      ...

      > 2) at the home router, I forward the following incoming request to
      > the Linkstation:
      >
      > port 135 to 139 (both TCP and UDP)
      > port 445 (TCP)
      >
      > Using a PC on the Internet, I specify \\xxxxx.homelinux.com at the
      > file explorer but it didn't work.

      These Microsoft networking ports are typically blocked out on the
      public Internet, and for good reason, not only is there security
      concerns, but they also generate a lot of excess traffic.

      How you want to deal with this is to tunnel this through a VPN. Since
      a non-Freelinked LS will not do VPN by itself, your best option is to
      purchase a hardware box (i.e. typically a special router or firewall
      like that will do a VPN. Don't be confused by those that can just
      "pass some VPN tunnels" verses one that actually produces a VPN link.
      Of course the later costs more. Then you have to either run some
      client software or a companion box at the other end. So shop
      carefully for a solution that will work for you. With some effort,
      you can make an old PC do this too if you like.

      Other solutions is to NOT try to use Microsoft Networking through the
      Internet, but instead use a more appropriate Internet protocol.
      Unfortunately the only one of these on a factory LS is FTP which is
      also not very secure in that user names & passwords are sent clear
      text, as well as all the data is transferred un-encrypted. Since I
      run a Freelink-like OS on my LS I have SSH running on it where I can
      do secure transfers as well as secure shell access through the
      Internet. It works very well.
    • cheungderekca
      Thanks for the reply. As you said, my ISP does administratively filter the port , which prevent me from connecting to my LinkStation using the below method. I
      Message 2 of 6 , Oct 28, 2007
      • 0 Attachment
        Thanks for the reply. As you said, my ISP does "administratively
        filter the port", which prevent me from connecting to my LinkStation
        using the below method.

        I understand I can use FTP or SSH but I would like to have a simple
        method so that my relative oveseas (non-technical) can have a simple
        method to access to my Linkstation where I store all the photos and
        kid video. The LinkStation WEB access seems to be good for this
        purpose but it is not available for my older HD 250. A simple WEB
        based or Window Explorer based method that can list files in my
        LinkStation via the WEB would be great.

        Thanks in advance.

        Derek


        --- In LinkStation_General@yahoogroups.com, "James Stewart"
        <wartstew@...> wrote:
        >
        > --- In LinkStation_General@yahoogroups.com, "cheungderekca"
        > <derek.cheung@> wrote:
        > >
        > > I thought sharing my Linkstation over Internet was simple but it
        > > turned out to be more difficult.
        >
        > ...
        >
        > > 2) at the home router, I forward the following incoming request
        to
        > > the Linkstation:
        > >
        > > port 135 to 139 (both TCP and UDP)
        > > port 445 (TCP)
        > >
        > > Using a PC on the Internet, I specify \\xxxxx.homelinux.com at
        the
        > > file explorer but it didn't work.
        >
        > These Microsoft networking ports are typically blocked out on the
        > public Internet, and for good reason, not only is there security
        > concerns, but they also generate a lot of excess traffic.
        >
        > How you want to deal with this is to tunnel this through a VPN.
        Since
        > a non-Freelinked LS will not do VPN by itself, your best option
        is to
        > purchase a hardware box (i.e. typically a special router or
        firewall
        > like that will do a VPN. Don't be confused by those that can just
        > "pass some VPN tunnels" verses one that actually produces a VPN
        link.
        > Of course the later costs more. Then you have to either run some
        > client software or a companion box at the other end. So shop
        > carefully for a solution that will work for you. With some effort,
        > you can make an old PC do this too if you like.
        >
        > Other solutions is to NOT try to use Microsoft Networking through
        the
        > Internet, but instead use a more appropriate Internet protocol.
        > Unfortunately the only one of these on a factory LS is FTP which is
        > also not very secure in that user names & passwords are sent clear
        > text, as well as all the data is transferred un-encrypted. Since I
        > run a Freelink-like OS on my LS I have SSH running on it where I
        can
        > do secure transfers as well as secure shell access through the
        > Internet. It works very well.
        >
      • James Stewart
        ... Well then maybe FTP actually could work in this case, assuming the following is true: The pictures, videos, and other files you are sharing don t contain
        Message 3 of 6 , Oct 28, 2007
        • 0 Attachment
          --- In LinkStation_General@yahoogroups.com, "cheungderekca"
          <derek.cheung@...> wrote:
          >
          > I understand I can use FTP or SSH but I would like to have a
          > simple method so that my relative oveseas (non-technical) can have
          > a simple method to access to my Linkstation where I store all the
          > photos and kid video.

          Well then maybe FTP actually could work in this case, assuming the
          following is true:

          The pictures, videos, and other files you are sharing don't contain
          any critical information that you would never want released on the
          public Internet.

          MS Internet Explorer will browse FTP sites by simply entering the
          proper URL. For example ftp://ftp.debian.org/debian will give you a
          file listing of Debian Linux's FTP site from inside IE (Internet
          Explorer).

          There is a catch however. Modern versions of IE expect to be able
          to use "PASV" type authentication to connect to FTP sites. Normally
          you can't just put an FTP site behind a NAT router (which you are
          doing with all the port-forwarding business) and have it work. To
          deal with this the ProFTP program that I think is on your LS (at
          least it was on mine) has a place where you can
          enter "masquerade=xxx.xxx.xxx.xxx" in the /etc/proftp/proftp.conf
          file and you have to enter (and keep current) you actual external IP
          address. This might not work for you. You will also need to
          upgrade to at least "Openlink" to gain access to this file.

          The other thing you can do is turn off the "PASV" mode in IE. I did
          it once some time ago on an XP computer. It was a registry hack
          somewhere. If you find it, you can save the branch then send
          the "branch.reg" file to your relatives to simply double-click to
          install. Then IE will work in the older mode.

          Another thing you can do is have them use a diffent ftp client. I'm
          not sure how Firefox handles this situation, but there are some free
          FTP-only programs out there like "cuteFTP" and "WinSCP" that are
          nice drag-n-drop easy to use programs that non technical users can
          learn to use.

          Finally if FTP really won't work for you. You could customize the
          web server in the LS (you would probably at least need to install
          Openlink to do this) so that everything you want them to see is on a
          Website that you create on the computer for them to see. I use a
          Linux program on my LS called imageindex that automatically builds
          nice picture gallery websites around a folder full of pictures for
          me. It is how I do what you are trying to do for my family with my
          Freelink-like converted LS. Here is an example:

          http://wartstew.homelinux.net/SnowStorm

          For that matter, you can check out how FTP works with IE (with the
          proper "Masquerade" entry) at ftp://wartstew.homelinux.net The FTP
          server is slow to come up because I have it starting-on-demand
          using "inetd" so that it doesn't use resources sitting idle. I
          don't use it much.
        • cheungderekca
          Thanks for the reply. It is very informative. I plan to try out this Openlink thing. Many thanks. ... have ... contain ... a ... Normally ... IP ... did ...
          Message 4 of 6 , Oct 29, 2007
          • 0 Attachment
            Thanks for the reply. It is very informative. I plan to try out this
            Openlink thing. Many thanks.

            --- In LinkStation_General@yahoogroups.com, "James Stewart"
            <wartstew@...> wrote:
            >
            > --- In LinkStation_General@yahoogroups.com, "cheungderekca"
            > <derek.cheung@> wrote:
            > >
            > > I understand I can use FTP or SSH but I would like to have a
            > > simple method so that my relative oveseas (non-technical) can
            have
            > > a simple method to access to my Linkstation where I store all the
            > > photos and kid video.
            >
            > Well then maybe FTP actually could work in this case, assuming the
            > following is true:
            >
            > The pictures, videos, and other files you are sharing don't
            contain
            > any critical information that you would never want released on the
            > public Internet.
            >
            > MS Internet Explorer will browse FTP sites by simply entering the
            > proper URL. For example ftp://ftp.debian.org/debian will give you
            a
            > file listing of Debian Linux's FTP site from inside IE (Internet
            > Explorer).
            >
            > There is a catch however. Modern versions of IE expect to be able
            > to use "PASV" type authentication to connect to FTP sites.
            Normally
            > you can't just put an FTP site behind a NAT router (which you are
            > doing with all the port-forwarding business) and have it work. To
            > deal with this the ProFTP program that I think is on your LS (at
            > least it was on mine) has a place where you can
            > enter "masquerade=xxx.xxx.xxx.xxx" in the /etc/proftp/proftp.conf
            > file and you have to enter (and keep current) you actual external
            IP
            > address. This might not work for you. You will also need to
            > upgrade to at least "Openlink" to gain access to this file.
            >
            > The other thing you can do is turn off the "PASV" mode in IE. I
            did
            > it once some time ago on an XP computer. It was a registry hack
            > somewhere. If you find it, you can save the branch then send
            > the "branch.reg" file to your relatives to simply double-click to
            > install. Then IE will work in the older mode.
            >
            > Another thing you can do is have them use a diffent ftp client.
            I'm
            > not sure how Firefox handles this situation, but there are some
            free
            > FTP-only programs out there like "cuteFTP" and "WinSCP" that are
            > nice drag-n-drop easy to use programs that non technical users can
            > learn to use.
            >
            > Finally if FTP really won't work for you. You could customize the
            > web server in the LS (you would probably at least need to install
            > Openlink to do this) so that everything you want them to see is on
            a
            > Website that you create on the computer for them to see. I use a
            > Linux program on my LS called imageindex that automatically builds
            > nice picture gallery websites around a folder full of pictures for
            > me. It is how I do what you are trying to do for my family with
            my
            > Freelink-like converted LS. Here is an example:
            >
            > http://wartstew.homelinux.net/SnowStorm
            >
            > For that matter, you can check out how FTP works with IE (with the
            > proper "Masquerade" entry) at ftp://wartstew.homelinux.net The
            FTP
            > server is slow to come up because I have it starting-on-demand
            > using "inetd" so that it doesn't use resources sitting idle. I
            > don't use it much.
            >
          Your message has been successfully submitted and would be delivered to recipients shortly.