How add Wev server to LAN safely? - Routers

This is a discussion on How add Wev server to LAN safely? - Routers ; David H. Lipman wrote: > Remember SOHO Routers have high latency. Out of curiousity, how much latency does a SOHO router add? FWIW, I am using a Linksys BEFSR41. Latency is a statustic the manufacturers don't seem to publish (I ...

+ Reply to Thread
Page 2 of 2 FirstFirst 1 2
Results 21 to 33 of 33

Thread: How add Wev server to LAN safely?

  1. Re: How add Wev server to LAN safely?

    David H. Lipman wrote:

    > Remember SOHO Routers have high latency.


    Out of curiousity, how much latency does a SOHO router add? FWIW, I am
    using a Linksys BEFSR41. Latency is a statustic the manufacturers don't
    seem to publish (I wonder why).

    --
    ..Bill.

  2. Re: How add Wev server to LAN safely?

    From: "Bill"


    |
    | Out of curiousity, how much latency does a SOHO router add? FWIW, I am
    | using a Linksys BEFSR41. Latency is a statustic the manufacturers don't
    | seem to publish (I wonder why).
    |

    I use a Linksys BEFR81.

    They don't publish their numbers because they are higher then mangaed Ethernet switches.
    This allows them to also be cheaper for the SOHO market where latency has lesss of an
    impact.

    When I was in communication with Linksys, prior to their acquisition by Cisco, they refused
    to provide the information.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  3. Re: How add Wev server to LAN safely?

    From: "Johnnie Leung"


    >> Certainly not a SOHO solution.

    |
    | Why not? I am using one such ('SOHO') router now for my residential
    | broadband connection.
    |

    What make and model SOHO Router are you using that is a Router combinerd with an Ethernet
    Switch that supports VLANs.


    >> A managed Ethernet Switch would support VLANs in conjunction with a SOHO
    >> Router.

    |
    | And managed switches are SOHO gear?

    No, A good managed Ethernet Switches are geared for the enterprise, not the SOHO market.


    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  4. Re: How add Wev server to LAN safely?


    "David H. Lipman" wrote in message
    newsdlyj.13226$ES.11519@trnddc05...
    >
    > What make and model SOHO Router are you using that is a Router combinerd
    > with an Ethernet
    > Switch that supports VLANs.


    Draytek 2910VG.

    If you are on a budget, you can get VLAN functionality by flashing supported
    routers (like the ubiquitous WRT54G) with open source fimware such as
    DD-WRT.

    > No, A good managed Ethernet Switches are geared for the enterprise, not
    > the SOHO market.


    IOW, not really an option for the OP.

    --
    JL


  5. Re: How add Wev server to LAN safely?

    From: "Johnnie Leung"


    |
    | Draytek 2910VG.
    |
    | If you are on a budget, you can get VLAN functionality by flashing supported
    | routers (like the ubiquitous WRT54G) with open source fimware such as
    | DD-WRT.
    |

    That's a nice unit ~$250.00 US.

    But I couldn't find information on it supporting VLANs.
    ftp://ftp.draytek.com/DataSheet/Vigo..._datasheet.pdf

    It does look like an excellent VPN solution with dual LAN capability with load-balancing
    that even supports ISDN.

    And WallWatcher supports it.
    http://www.wallwatcher.com/

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  6. Re: How add Wev server to LAN safely?


    "David H. Lipman" wrote in message
    news:1omyj.7703$v47.1280@trnddc08...
    >
    > That's a nice unit ~$250.00 US.
    >
    > But I couldn't find information on it supporting VLANs.
    > ftp://ftp.draytek.com/DataSheet/Vigo..._datasheet.pdf
    >
    > It does look like an excellent VPN solution with dual LAN capability with
    > load-balancing
    > that even supports ISDN.


    Look at the mock-up web-based configuration:

    http://www.draytek.com/demo/Vigor2910/index.htm

    It looks exactly like the real thing but is non-functional (obviously).

    There are numerous 2910 variants with added/removed WiFi, ISDN, and VoIP
    functionalities. ISDN models are not available in the US (ISDN is almost
    non-existent in N Am anyway).

    --
    JL


  7. Re: How add Wev server to LAN safely?

    From: "Johnnie Leung"


    |
    | Look at the mock-up web-based configuration:
    |
    | http://www.draytek.com/demo/Vigor2910/index.htm
    |
    | It looks exactly like the real thing but is non-functional (obviously).
    |
    | There are numerous 2910 variants with added/removed WiFi, ISDN, and VoIP
    | functionalities. ISDN models are not available in the US (ISDN is almost
    | non-existent in N Am anyway).
    |

    OK Thanx. I wonder why it isn't listed in their spec. PDF file ?

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  8. Re: How add Wev server to LAN safely?


    "David H. Lipman" wrote in message
    news:amnyj.13232$ES.1269@trnddc05...
    >
    > OK Thanx. I wonder why it isn't listed in their spec. PDF file ?


    I just checked spec sheet, and it's definitely listed, under the last
    section 'Network Features', as 'Port-Based VLAN'.

    The URL to the PDF file should be
    ftp://ftp.draytek.com/DataSheet/Vigo..._Datasheet.pdf , where the
    'D' in the second 'datasheet' is uppercased.

    --
    JL


  9. Re: How add Wev server to LAN safely?


    "Bob Kester" wrote in message
    news:47C8CAB4.AC3C6801@Frontiernet.net...
    > Hi...
    >
    > I've read some of the other replies, and there is a lot of good ideas
    > there. Let me relate what I ended up doing, and sort of 'why'.


    Thanks for that Bob. I've just been reading up about this as I want to do
    something similar for a small video server. Very helpful to know it all
    works.

    Is there a list of ports to avoid when doing this?



  10. Re: How add Wev server to LAN safely?

    Thanks for that advice Dave. Would your advice be different if the server
    was a video server?

    Example..
    http://www.aviosys.com/ipvideo9310.htm

    How would you recommend exposing one of these to the internet without
    risking making your home LAN vunerable?




  11. Re: How add Wev server to LAN safely?

    From: "CWatters"

    | Thanks for that advice Dave. Would your advice be different if the server
    | was a video server?
    |
    | Example..
    | http://www.aviosys.com/ipvideo9310.htm
    |
    | How would you recommend exposing one of these to the internet without
    | risking making your home LAN vunerable?
    |

    The risks are the same. You need to know what UDP and/or TCP ports to forward to the Video
    server.

    --
    Dave
    http://www.claymania.com/removal-trojan-adware.html
    Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp



  12. Re: How add Wev server to LAN safely?

    CWatters wrote:
    >
    > Thanks for that Bob. I've just been reading up about this as I want to do
    > something similar for a small video server. Very helpful to know it all
    > works.
    >
    > Is there a list of ports to avoid when doing this?


    Well, I don't know on that. I guess it's a matter of keeping away from
    the ones commonly used for any of the services that a hacker might be
    looking for (telnet, ftp, mail, and so on). You can Google for port
    assignments, and there are a lot of references out there.

    I would probably try to keep away from the very low numbers (under
    2000). If you go to GRC.COM and do a port scan, you want your entire
    system to show up as 'stealth' -- or in other words not responding to
    anything. I think by default, Steve scans up to 2000.

    One side note on that -- when I did a port scan here, the router would
    respond on the 'ident' service port -- maybe 113? Nothing I could do to
    shut it up! I finally forwarded that port to an unassigned IP on the
    LAN, and that fixed that problem. And, to keep yourself invisible, you
    obviously don't want the router responding to any PING.

    Back to your question -- since there are 64k ports to chose from, Your
    computers will be using higher port numbers for their outbound requests
    -- I'm not sure what would happen if you were using port 12345 for your
    server, and a computer decided to connect out using that particular
    one. I think the router is supposed to be smart enough to keep those
    straight, but then most routers have a few quirks where things don't
    work just right :-)

    If you have a Linux box, there is a simple program 'netwatch' that can
    be run to monitor traffic. It is a command-line utility, and simple to
    use. It gets real interesting! And, if you do have Linux, there are a
    number of hot-CD versions available (like Ubuntu) where you can simply
    run off the CD without any installation.

    When you mention 'small video server' I wonder if you are thinking of
    something like the Slingbox. I haven't looked into those, but you might
    be tied down as to what port they want to use.

    Good Luck!

    ....Bob



    --
    The FROM: email address has been set up for receiving SPAM.
    Don't bother using it -- email to it won't be read.
    Right now, you can use: posts01 [at-sign] kesters [DOT] org
    (Until the scumbags figure that one out.)

  13. Re: How add Wev server to LAN safely?


    "Bob Kester" wrote in message
    news:47CB51BA.8E95211F@Frontiernet.net...
    > CWatters wrote:
    > >
    > > Thanks for that Bob. I've just been reading up about this as I want to

    do
    > > something similar for a small video server. Very helpful to know it all
    > > works.
    > >
    > > Is there a list of ports to avoid when doing this?

    >
    > Well, I don't know on that. I guess it's a matter of keeping away from
    > the ones commonly used for any of the services that a hacker might be
    > looking for (telnet, ftp, mail, and so on). You can Google for port
    > assignments, and there are a lot of references out there.
    >
    > I would probably try to keep away from the very low numbers (under
    > 2000). If you go to GRC.COM and do a port scan, you want your entire
    > system to show up as 'stealth' -- or in other words not responding to
    > anything. I think by default, Steve scans up to 2000.
    >
    > One side note on that -- when I did a port scan here, the router would
    > respond on the 'ident' service port -- maybe 113? Nothing I could do to
    > shut it up! I finally forwarded that port to an unassigned IP on the
    > LAN, and that fixed that problem. And, to keep yourself invisible, you
    > obviously don't want the router responding to any PING.
    >
    > Back to your question -- since there are 64k ports to chose from, Your
    > computers will be using higher port numbers for their outbound requests
    > -- I'm not sure what would happen if you were using port 12345 for your
    > server, and a computer decided to connect out using that particular
    > one. I think the router is supposed to be smart enough to keep those
    > straight, but then most routers have a few quirks where things don't
    > work just right :-)
    >
    > If you have a Linux box, there is a simple program 'netwatch' that can
    > be run to monitor traffic. It is a command-line utility, and simple to
    > use. It gets real interesting! And, if you do have Linux, there are a
    > number of hot-CD versions available (like Ubuntu) where you can simply
    > run off the CD without any installation.
    >
    > When you mention 'small video server' I wonder if you are thinking of
    > something like the Slingbox. I haven't looked into those, but you might
    > be tied down as to what port they want to use.
    >
    > Good Luck!
    >
    > ...Bob
    >
    >


    Thanks for that.

    I was thinking of the server in some IP cameras or this kind of box that
    converts a video cam to an IP cam.

    http://www.rfconcepts.co.uk/video_web_server.htm
    http://www.digidave.co.uk/product_in...roducts_id=105
    http://www.amplicon.co.uk/Data-Comms...-2100-2979.cfm




+ Reply to Thread
Page 2 of 2 FirstFirst 1 2