Results 1 to 7 of 7

Thread: Can I open a port to my local pc through my firewall [edit] thru my dsl router

  1. #1

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Can I open a port to my local pc through my firewall [edit] thru my dsl router

    Ok - so I've written some code - running in a service - that uses the httplistener class to talk to other services and apps running on an internal network.

    Using an address like this locally - on my development machine

    Code:
    Dim prefixes() As String = {"http://localhost:8080/dcxReader/"}
    And on other machines on the network - from a C# program, for example...

    Code:
    private String gstrServer = "10.0.117.71";
    .
    .
    .
    string[] prefixes = {"http://" + gstrServer + ":8080/dcxReader/"};
    So - what I want to do is allow another developer I have working on this project to also talk to this service as well - but from outside the network. I have a dedicated IP address for my office - I guess that means the cable-router. Can I open port 8080 on my router and somehow map it to my development machine (the 10.0.117.71 address internally)?

    I am only looking to do this for a short time - not some kind of production experience.

    Thanks!
    Last edited by szlamany; Nov 27th, 2012 at 12:06 AM.

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  2. #2
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Can I open a port to my local pc through my firewall [edit] thru my dsl router

    Don't confuse a NAT router with a firewall. Those are two different things, though sometimes one box has both functions in it so you might have to both do the inward port mapping and set an inbound firewall rule allowing it.

    And of course there is a good chance you have a software firewall active on the PC as well to deal with.

    All of these are managed through an admin interface of one kind or another. Low-end NAT routers normally support a Web based UI. Software firewalls usually have a UI of some sort as well, such as the Firewall control panel applet for Windows Firewall.


    So it is just a question of cracking open the good old manuals and taking care of it. The details vary based on the make, model, and firmware version of your router and the version and edition of Windows you are using. Thus we can't just offer you a "do A, B, and C."

  3. #3
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,532

    Re: Can I open a port to my local pc through my firewall [edit] thru my dsl router

    The short answer is yes... in the router settings somewhere you can configure a table that says "requests that come from port XYZ should be routed to Machine ABC... I've done that for a few things.... SQL and HTTP requests get routed to the home server, while requests that came in on a different port (MySQL and one for some radio software I run) go to another machine.

    As dilettante said, it varies on the make and model of the router... the manuals should have a section on that. If it's like mine, it's actually fairly simple.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

  4. #4

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Can I open a port to my local pc through my firewall [edit] thru my dsl router

    Yup - that was way easy. My comcast router allowed for PORT FORWARDING - so I actually selected an obscure five-digit port # on the public side and mapped that to 8080 on my local machines internal ip address.

    I had already opened 8080 on my local machine (in the MS firewall) so that other internal clients could talk with my services.

    Wow - this is so cool!

    So - final question. What have I done security-wise to myself here? The only thing listening on this port is my services - that expect a POST with a memory-stream containing a serialized-VB-class.

    What kind of attacks can I expect?

    Can a port sniffer find that I have this port open all of a sudden? What can they hit it with that I have to worry about?
    Last edited by szlamany; Nov 27th, 2012 at 02:21 PM.

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  5. #5
    PowerPoster
    Join Date
    Feb 2006
    Posts
    24,482

    Re: Can I open a port to my local pc through my firewall [edit] thru my dsl router

    It will take time but the bad guys will find you. Port 80 would get hit right away and common secondary ports like 8080, 8081, etc. take a little longer - not as many people looking for them. Arbitrary ports take longer and will get fewer hits.

    How vulnerable you are and the extent of possible damage depends at least in part on what Web server you are running. IIS and Apache are common, so they tend to be prime targets. Watch your server logs for probes using common exploits of known weaknesses in IIS and Apache/PHP.

    Properly hardening web servers takes a lot of knowledge.

    Ideally you'd have the web service running on a machine located in a real DMZ network, which isn't the same thing as common residential router "DMZ" mode. But for lightweight home applications this is overkill - just expect to get hacked eventually.

    Most of the scumbags will settle for defacing static web pages.

  6. #6

    Thread Starter
    MS SQL Powerposter szlamany's Avatar
    Join Date
    Mar 2004
    Location
    Connecticut
    Posts
    18,263

    Re: Can I open a port to my local pc through my firewall [edit] thru my dsl router

    Thing is I'm not running IIS or apache - I've coded my own SERVICE that is using the HTTPLISTENER class in .Net - waiting for a POST and reviewing said post and deserializing the "class" that was received and then responding back appropriately.

    How do the bad guys see a port as open - they detect the listening on that port??

    *** Read the sticky in the DB forum about how to get your question answered quickly!! ***

    Please remember to rate posts! Rate any post you find helpful - even in old threads! Use the link to the left - "Rate this Post".

    Some Informative Links:
    [ SQL Rules to Live By ] [ Reserved SQL keywords ] [ When to use INDEX HINTS! ] [ Passing Multi-item Parameters to STORED PROCEDURES ]
    [ Solution to non-domain Windows Authentication ] [ Crazy things we do to shrink log files ] [ SQL 2005 Features ] [ Loading Pictures from DB ]

    MS MVP 2006, 2007, 2008

  7. #7
    Smooth Moperator techgnome's Avatar
    Join Date
    May 2002
    Posts
    34,532

    Re: Can I open a port to my local pc through my firewall [edit] thru my dsl router

    they ping it. if they get an error reply, it's been closed off an they move to the next port... if they get a non-response, or a non-error response... then they know they have an open port... from there, they have a variety of tricks to see if they can figure out what they are hitting.

    -tg
    * I don't respond to private (PM) requests for help. It's not conducive to the general learning of others.*
    * I also don't respond to friend requests. Save a few bits and don't bother. I'll just end up rejecting anyways.*
    * How to get EFFECTIVE help: The Hitchhiker's Guide to Getting Help at VBF - Removing eels from your hovercraft *
    * How to Use Parameters * Create Disconnected ADO Recordset Clones * Set your VB6 ActiveX Compatibility * Get rid of those pesky VB Line Numbers * I swear I saved my data, where'd it run off to??? *

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  



Click Here to Expand Forum to Full Width