
Posts

Showing posts from August, 2009

WOL over the Internet

If, like me, you have ever wanted to wake up your computers at home from a remote location to grab some files or start some tasks off, then you need Wake on LAN. This technology has been around for a while and basically allows a computer to wake up when it receives a special UDP packet which contains 16 copies of its MAC address. Do a search on Wikipedia if you want to learn more about how the technology works. You will also have to ensure that your PC is capable of using WOL and that your OS is set up to allow it.

We need some way of broadcasting the WOL packet onto the LAN from the internet. Firstly, add the ip directed-broadcast command to the LAN interface to which your PC is connected. This allows the router to "explode" a unicast packet into a broadcast on your LAN. We now need to create a static NAT which will convert your packet from the internet into a broadcast address on the LAN. In this case we are using port 7, but you could use any port of your choice for this.

Moving the SSH port on a Cisco router

If you administer your routers over the internet, you probably know you should be using SSH. Telnet is sent in clear text, so it is easily sniffed and your passwords captured. However, Cisco routers use the standard TCP port 22 for their SSH service. As soon as you open this up to the world and turn on SSH access logging, you will start to see hundreds of IPs connecting to your device and running dictionary attacks against you using standard username and password combinations. The majority of these IPs seem to originate from China or Russia, and they find your open port extremely quickly. This is very annoying: it fills up your log files with these attacks and uses up your system resources dealing with them. I believe they are simply running scans for any open TCP port 22. For this reason I decided I could cut down the number of attacks by moving the SSH port to a different number. One thing you should know before we start is that there is no way to actually change the SSH port number o

XBOX Live with Cisco NAT

When you connect your XBOX 360 to XBOX Live through a Cisco router, you are likely to be told that your NAT type is strict. This is because Cisco routers do not support UPnP like most home routers. In order to resolve this issue you will need to configure your router to allow certain ports through and create some static NAT entries. Whilst a lot of games will work quite happily with NAT type strict, you will notice that finding other players for multiplayer matches is very slow. Gears of War 2, however, will simply never find any other players if you have NAT type strict. There are 3 important ports needed for XBOX Live: TCP 3074 (used to connect to XBOX Live and transfer data, i.e. marketplace downloads, new content etc.), UDP 3074 (used for delay-sensitive traffic; multiplayer game sessions use this port) and UDP 88 (used for Kerberos, which is how you authenticate to the Microsoft XBOX Live servers). The first thing you need to do is to create a static NAT