PDA

View Full Version : It's a question of security...



binkatl
08-18-2003, 01:02 PM
Hi all... thanks to the huge amount of helpful info on these forums, I've finally got a fully hacked and upgraded HDVR2, connected wirelessly to my network via a D-Link DUB-E100 and a Linksys WET-11 bridge.

It made me start to think, all this network connectivity is really cool while I'm sitting on my couch, but it would be much cooler if I could access it when I'm away from my network. Say I'm at work, or at a friend's house, and I hear about something I want to record. Just hop over to the nearest computer, log in to my Tivo, and set it up to record.

This is what I originally wanted to be able to do, but now I'm nervous about security issues. I have a Linksys router (BEFW11S4) which will allow me to forward certain ports, or to create one internal IP address as a DMZ (basically open to the internet, bypassing the firewall). Neither one of these sounds very attractive from a security standpoint.

Are there any hacks available to put password protection on the Tivo? Or can I do that from the router?

I'd also be curious to know if anyone else has just thrown caution to the wind, and opened up their Tivos to the outside world without any protection... and whether or not you have been susceptible to outside troublemakers.

Thanks, as always, for all the great help here.

- Bink

mrblack51
08-18-2003, 01:14 PM
The best option is to set up a Virtual Private Network (VPN). many routers have this capability built in. basically, you use whatever computer to connect to your router, and once the vpn connection is established, the remote computer is a member of your home network just like you would if you were sitting at home. this is ideal because you dont expose your tivo at all (well, anymore than any of the other systems inside your network), and it doesnt require configuration changes on the tivo.

TheWickedPriest
08-18-2003, 08:13 PM
Tivoweb has password protection built in. You just have to edit tivoweb.cfg and put in an account name and password. It's weak security -- not encrypted, just base64 encoded -- but enough to foil casual intrusion.

eastwind
08-23-2003, 07:22 AM
Tivoweb also has the ability to listen to whatever port you want it to. For instance you forward port 678 from your router to your TiVo and have tivoweb listen to port 678 instead of 80. Then you http://your.ip.address:678 from your friends computer and the router at your.ip.address forwards that to tivoweb. Set up a user/password and that's about as good as it gets without VPN.

EW

p.s. I do not advocate any particular port. Do some homework to find out which have special significance.

mrblack51
08-23-2003, 02:52 PM
Originally posted by eastwind
Tivoweb also has the ability to listen to whatever port you want it to. For instance you forward port 678 from your router to your TiVo and have tivoweb listen to port 678 instead of 80. Then you http://your.ip.address:678 from your friends computer and the router at your.ip.address forwards that to tivoweb. Set up a user/password and that's about as good as it gets without VPN.

EW

p.s. I do not advocate any particular port. Do some homework to find out which have special significance.

i suppose you could change the port on tivoweb, but since you can't use the same link internally vs. externally, it would make more sense to just port forward at the router, setting the incoming port to be whatever (678 in your case), and setting the outgoing port to be 80 on the tivos ip.

i don't recommend exposing a tivo to the internet, even just the one port. tivoweb isnt designed for high loads afaik, so it could easily bring down your tivo if some script kiddie found your ip.