I have a HDVR2 with 4.01b-02 and superpatch applied to gain access to HMO functionality. I have the unit set to address 192.168.1.250, and have left that address open (not blocked) on my router. Is this OK? Will this cause issues with Tivo seeing that I have HMO installed on a box for which they do not support HMO??

The nice thing about leaving it open is that I have access to the Music and Pictures provided by Tivo.com, and I can access my TivoWebPlus from the internet when needed. But the issue of Tivo seeing this and having issue with it bothers me.

Bad idea. You can also gain access to your tivo via telnet from outside your network... meaning so can anyone else ;)

If a port scan on your IP turns up port 23 open, you better believe you'll have visitors. And since the prompt says "tivo", anyone who finds it will know what they've found, and be able to find fun things to mess with.

Not to mention the possibility that just normal traffic would cause problems.

I have the unit set to address 192.168.1.250, and have left that address open (not blocked) on my router. Is this OK?

Since this is a non-routable IP address, I am assuming you have some sort of port-forwarding enabled on your router in order to gain access to your Tivo remotely? If so, what ports have you enabled / forwarded? If you're not forwarding on 23 you should be okay as it relates to telnet, however, you're still exposed on port 80 for HTTP access, assuming this is what you have opened for TivoWeb purposes.

Though not incredibly secure by any stretch of the imagination, at a minimum, you can adjust tivoweb.cfg to required a username / password for access to TivoWeb.

However, if you have not enabled any sort of forwarding at the router, your "stuff" shouldn't be accessible remotely anyway...

However, if you have not enabled any sort of forwarding at the router, your "stuff" shouldn't be accessible remotely anyway...

But he did say he can access Tivoweb from the Internet. That, combined with the description of leaving the Tivo's IP "open" (instead of, for example, saying that he forwarded port 80), led me to believe that he set up the Tivo to be the "DMZ host", meaning all incoming traffic is forwarded there.

Let me clarify my setup as well as the nature of my concerns.

I have my Linksys router set up with the standard firewall settings in place. Originally, I had added address 192.168.1.250 to the list of addresses to be blocked. I then decided to remove that block, forward port 80 to that address so that I can use TivoWeb from the road, and added the password option to TivoWeb. So while ANY connection to the internet is not inherently safe, and while TivoWebPlus's password security may not be perfect, I am taking the basic precautions.

But the concern I was asking about was not regarding the risk of people getting in and hacking my system, but rather the concern of having my system being visible to the folks at Tivo and getting me in trouble with those folks. Since I can see the Tivo Music and Photo sources when using HMO, clearly my IP address is talking to their IP address, making me potentially vulnerable to them knowing I am running HMO when I do not have a machine that should be running it (HDVR2).

Any thoughts on the risk of Tivo seeing my IP address?

I have my Linksys router set up with the standard firewall settings in place. Originally, I had added address 192.168.1.250 to the list of addresses to be blocked. I then decided to remove that block, forward port 80 to that address so that I can use TivoWeb from the road, and added the password option to TivoWeb. So while ANY connection to the internet is not inherently safe, and while TivoWebPlus's password security may not be perfect, I am taking the basic precautions.
That's what I thought :)


But the concern I was asking about was not regarding the risk of people getting in and hacking my system, but rather the concern of having my system being visible to the folks at Tivo and getting me in trouble with those folks. Since I can see the Tivo Music and Photo sources when using HMO, clearly my IP address is talking to their IP address, making me potentially vulnerable to them knowing I am running HMO when I do not have a machine that should be running it (HDVR2).

Any thoughts on the risk of Tivo seeing my IP address?
I'm not running 4.0 on my HDVR2s, but I believe you can setup some netfilters to make sure you prevent any sort of communication from happening. Others can probably chime in better than I can regarding this though.