TiVo Community Forum Archive 1
READ ONLY ARCHIVES

Welcome to the TiVo Community Forum Archive
This archive covers threads on TiVo Community Forum that have not been posted to from the start until June 30, 2004.  Any thread that has a post made to it between 7/1/04 and 12/31/05, that had not been posted to, will be found in Archive 2.
This is a READ ONLY site.

  Search | ARCHIVE 2 | MAIN SITE

TiVo Community Forum Archive 1 : Powered by vBulletin version 2.2.8 TiVo Community Forum Archive 1 > Main TiVo Forums > TiVo UK
>>> Securing TivoWEB <<<

 
Forum Jump:
Search this Thread:
Last Thread   Next Thread
Author
Thread ---> Show Printable Version | Email this Page | Subscribe to this thread Post New Thread    Post A Reply
a18041967 is offline Old Post 06-28-2004 04:49 AM
Click Here to See the Profile for a18041967 Find more posts by a18041967 Add a18041967 to your buddy list Show Printable Version Edit/Delete Message Reply w/Quote
a18041967
Member

Registered: Oct 2002
Location:
Posts: 31

Securing TivoWEB

I'm trying to configure access to my Tivo from external locations securely. My configuration is as follows:-

1.Registered domain name pointing to my LinkSyS router.
2.Router redirects requests on port 80 to my II's server (Windows 2003).
3.Depending on the host header the request is directed to a secure site, which requests a userid & password.
4.If successful II's is set to redirect the request either to an IP address 192.168.1.30 or a URL 'tivo' which resolves to the same address.

My question/problem is, internally the process works perfectly, from work or any external locations, steps 1-3 are Ok then step 4 fails. I think I know why but cannot think of a solution, is it failing because its a private address range inside my network and also the internal DNS will not resolve external requests?

What I'm after is some suggestions on how to solve this, I'm aware that II's is not always the best option, are there any good guides on how to secure Tivo.

POST #1 | Report this post to a moderator | IP: Logged

mike0151 is offline Old Post 06-28-2004 04:55 AM
Click Here to See the Profile for mike0151 Visit mike0151's homepage! Find more posts by mike0151 Add mike0151 to your buddy list Show Printable Version Edit/Delete Message Reply w/Quote
mike0151
A Friend of Dot

Registered: Dec 2001
Location: Liverpool, Merseyside, UK
Posts: 418

if I'm misunderstanding, forgive me but try a google search on orenosp. Some people use apache but I find orenosp works fine as a reverse proxy sever. A search on these boards may also help.

__________________
6020 since Feb 2001, 2 x 80Gb, Sky Digital, TurboNet and TiVoWeb
6022 since Feb 2003, 120Gb, Pace DTR730, TurboNet and TiVoWeb;

POST #2 | Report this post to a moderator | IP: Logged

Paul Stimpson is offline Old Post 06-28-2004 05:28 PM
Click Here to See the Profile for Paul Stimpson Find more posts by Paul Stimpson Add Paul Stimpson to your buddy list Show Printable Version Edit/Delete Message Reply w/Quote
Paul Stimpson
Senior Member

Registered: Aug 2002
Location: Farnborough, Hants, UK.
Posts: 250

Hi,

From your description the problem seems to be with your IIS configuration and not with your DNS. The DNS should be irrelevant as your webserver will get the source IP and port number from the incoming request and should have no need to look it up.

I think I know what's happening... The configuration problem seems to be that you have used redirection and not reverse-proxy. Redirection takes a request and tells the requesting browser to request a different web address. In this case it tells your browser to fetch 192.168.1.130 or "tivo" and neither of these addresses have any meaning when you're away from your home network. Reverse-proxy is different; Your server receives a request from the remote browser, fetches the page itself then serves that page to the remote browser. This is what you want to do as your IIS machine is the only one that can communicate with the outside world and with your TiVo.

It seems that reverse proxy is possible with IIS but with the current number of server/browser hijackings I would question the wisdom of exposing IIS to the outside world if you're not a very experienced administrator and able to quantify the risks. Have you thought about installing Linux on a machine then running Apache with the proxy module?It shouldn't be too hard and you will get to learn some Linux which may help when you want to play with your TiVo. Apache should prove more robust against external attacks than IIS.

Cheers,
Paul.

POST #3 | Report this post to a moderator | IP: Logged

All times are GMT. The time now is 07:57 AM. Post New Thread    Post A Reply
  Last Thread   Next Thread
>>> Securing TivoWEB <<<

TiVo Community Forum Archive 1 : Powered by vBulletin version 2.2.8 TiVo Community Forum Archive 1 > Main TiVo Forums > TiVo UK
Search The Internet
 
Show Printable Version | Email this Page | Subscribe to this thread

Forum Jump:
 
Search this Thread:

Forum Rules:
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
HTML code is OFF
vB code is ON
Smilies are ON
[IMG] code is ON
 

< Contact Us - TiVo Community Forum Archive 1 >

Powered by: vBulletin Version 2.2.8
Copyright ©2000, 2001, Jelsoft Enterprises Limited.
(C)opyright - All Rights Reserved. No information may be posted elsewhere without written permission.
TiVoŽ is a registered trademark of TiVo Inc. This site is not affiliated with TiVo Inc.
Page generated in 0.04285407 seconds (89.97% PHP - 10.03% MySQL) with 19 queries.


Spider History Index