Loading ...
Sorry, an error occurred while loading the content.

1179RE: [nslu2-general] Re: Some simple questions

Expand Messages
  • Computer Guy
    May 16, 2005
    • 0 Attachment
      Not necessarily; as a stock unit, the NSLU2 does not have ftp capability
      (that I know of). The only way to access the actual shares is either
      through the web interface (same interface used for administration) or
      through NetBios. I personally wouldn't want people from outside my internal
      network to have access to the standard NSLU2 web interface. There are too
      many questions of security there. It is all a matter of acceptable risk;
      for me, it is not acceptable as I have files on my NSLU2 that I don't want
      accessible to anybody but me. If I didn't, I probably wouldn't worry as
      much about it. However, if you offer the standard web interface to be the
      main external access point, folks are one step closer to hacking into the
      NSLU2 and destroying/manipulating your data.

      -----Original Message-----
      From: nslu2-general@yahoogroups.com [mailto:nslu2-general@yahoogroups.com]
      On Behalf Of ladeeda168
      Sent: Monday, May 16, 2005 8:08 AM
      To: nslu2-general@yahoogroups.com
      Subject: [nslu2-general] Re: Some simple questions

      I understand what you're saying about security, but if I have a separate
      server, wouldn't that defeat the purpose of the NSLU2?
      Couldn't I just set up shared files on the same web/ftp server? Or am I
      misreading what you recommended?

      Thanks!



      --- In nslu2-general@yahoogroups.com, "Computer Guy"
      <computerguy@t...> wrote:
      > The NSLU2 has a web server enabled by default; this is the way you
      access
      > the admin interface. If you used DynDNS, you could point port 80
      to your
      > NSLU2 and people would be able to access the device through the
      same web
      > interface.
      >
      > As for security; that should be your primary concern... If you
      allow
      > everybody to have access through the web interface, as was stated
      earlier,
      > you are opening up a hole that hackers will attempt to gain access
      through.
      > While it may not be the easiest of solutions, it would still be
      better to
      > set up a separate web/ftp server and host the files through
      there. That
      > way, you have 2 layers of security - 1 from the NSLU2 and 1 from
      your
      > separate server. Just my $.02.
      >
      > Matt B.
      >
      > -----Original Message-----
      > From: nslu2-general@yahoogroups.com [mailto:nslu2-
      general@yahoogroups.com]
      > On Behalf Of ladeeda168
      > Sent: Sunday, May 15, 2005 11:35 PM
      > To: nslu2-general@yahoogroups.com
      > Subject: [nslu2-general] Re: Some simple questions
      >
      > Thanks for your help.
      >
      > I am concerned about #2 (sharing with people outside my
      network)...What
      > about all the people who run web servers off their NSLU2? How do
      they keep
      > from "being hacked?"
      >
      > All I wanna do is share photos and maybe a few other files with
      family and
      > friends...and I don't want to do it so they have to do it through
      an FTP
      > client.
      >
      > --- In nslu2-general@yahoogroups.com, "jncharli - tele2"
      > <jncharli@t...> wrote:
      > > Hello,
      > >
      > >
      > >
      > > 1) You should have assigned an Netbios Name to your NSLU2.
      > >
      > > All the shares you created will appear in « My Network place »
      > with the name
      > > of the NSLU2, and the name of the share.
      > >
      > > Note that if even if you haven't created any share, there should
      > be 2 lines
      > > by default :
      > >
      > > - admin1 on <NSLU2_Name_you_assigned>
      > \\<NSLU2_Name_you_assigned>\admin
      > > 1
      > >
      > > - disk 1 on <NSLU2_Name_you_assigned>
      > > \\<NSLU2_Name_you_assigned>\disk 1
      > >
      > >
      > >
      > >
      > >
      > > 2) Be careful that allowing the outside world to connect
      to
      > your NSLU2
      > > means that everybody connected to Internet is able to try and
      hack
      > your
      > > files. This is a significant security concern that should be
      > raised.
      > >
      > >
      > >
      > > To be able to share a ressource from outside your network (you
      LAN
      > = Local
      > > Area Network), you must enable the `sharing protocol' (aka
      > Netbios) to cross
      > > your equipments (mainly your router).
      > >
      > >
      > >
      > > There are 3 steps to perform
      > >
      > >
      > >
      > > Step 0 : Check if your ISP doesn't block the Netbios ports
      > >
      > >
      > >
      > > Sometimes (more and more often), the ISP blocks the Netbios ports
      > for
      > > security reasons.
      > >
      > > You should check in the FAQ if your ISP blocks the Netbios
      ports.
      > If it the
      > > case (like for mine), there is no real solution, other than
      > changing your
      > > ISP.
      > >
      > >
      > >
      > > Step 1 : Allow the Netbios trafic to cross your router/firewall
      > >
      > >
      > >
      > > Currently, most of the router embedd a firewall. You then must
      > tell your
      > > firewall embedded in the router you want to enable Netbios in
      both
      > direction
      > > :
      > >
      > > TCP 137
      > >
      > > UDP 138
      > >
      > > TCP 139
      > >
      > > (sorry, there are maybe others, but here are the ports found in
      > books).
      > >
      > >
      > >
      > > Step 2 : Tell your router what equipment (IP adress) will be the
      > target of
      > > incoming Netbios trafic
      > >
      > >
      > >
      > > You must configure your router to set the NSLU2 to be the
      > destination of all
      > > incoming Netbios requests.
      > >
      > > There is a common mode called `DMZ mode' that can be used. In
      this
      > mode, all
      > > incoming requests (Netbios or not) are sent to a single IP
      adress.
      > This mode
      > > should be used for tests purposes.
      > >
      > >
      > >
      > >
      > >
      > > Hope it can help
      > >
      > >
      > >
      > >
      > >
      > > Greetings
      > >
      > >
      > >
      > >
      > >
      > > _____
      > >
      > > De : nslu2-general@yahoogroups.com [mailto:nslu2-
      > general@yahoogroups.com] De
      > > la part de ladeeda168
      > > Envoyé : samedi 14 mai 2005 08:39
      > > À : nslu2-general@yahoogroups.com
      > > Objet : [nslu2-general] Some simple questions
      > >
      > >
      > >
      > > I've been scouring the Wiki and this group for an answer, but
      > don't
      > > seem to be able to find what I need. I think these are very,
      very
      > > basic questions:
      > >
      > > 1) How is the drive that is attached to the NSLU2 viewed from in-

      > > network computers? Is it in "My Network Places?" I've tried
      > looking
      > > at the manual, but this simple question doesn't seem to be
      > answered?
      > >
      > > 2) How do people OUT of my network view files? Is there a way to
      > do
      > > this without starting up an ftp client? Like a webpage based
      > > interface? Or something else? I would like to eliminate the
      FTP
      > > component and just have someone type in my domain (which would
      > then be
      > > run off DynDNS)...
      > >
      > > Thanks!
      > >
      > >
      > >
      > >
      > >
      > >
      > >
      > > _____
      > >
      > > Yahoo! Groups Links
      > >
      > > * To visit your group on the web, go to:
      > > http://groups.yahoo.com/group/nslu2-general/
      > >
      > > * To unsubscribe from this group, send an email to:
      > > nslu2-general-unsubscribe@yahoogroups.com
      > > <mailto:nslu2-general-unsubscribe@yahoogroups.com?
      > subject=Unsubscribe>
      > >
      > > * Your use of Yahoo! Groups is subject to the Yahoo!
      > > <http://docs.yahoo.com/info/terms/> Terms of Service.
      > >
      > >
      > >
      > > [Non-text portions of this message have been removed]
      >
      >
      >
      >
      >
      > Yahoo! Groups Links





      Yahoo! Groups Links
    • Show all 11 messages in this topic