DSM-G600, DNS-3xx and NSA-220 Hack Forum
Unfortunately no one can be told what fun_plug is - you have to see it for yourself.
You are not logged in.
Announcement
IRC Channel #funplug on irc.freenode.org
#1 2008-02-14 17:35:50
- bdkelly
- New member
- Registered: 2008-02-14
- Posts: 2
Remotely Configure DNS-323?
I apologize if this has been addressed before, but in searching the board, I couldn't find it, so I'm asking.
I just got my DNS-323, and so far I'm pleased. What I'd like to know is if there's any way I can configure it remotely? I have the FTP server running and can connect, but when I go to the web_page volume and try to open goweb.htm, it won't let me open it. I can, of course, do this within my LAN. I've even tried connecting to the FTP through IE, and could navigate, but it wouldn't open that file.
I suppose I could set up a VLAN and connect that way, but I don't really want to do that.
I'd rather not mod the box, so if this can't be done normally, I'm ok with it, I just didn't know if it could be done.
Thanks,
Brendan
Offline
#2 2008-02-14 17:59:30
- HaydnH
- Member
- Registered: 2007-09-28
- Posts: 187
Re: Remotely Configure DNS-323?
The configuration web pages are very insecure (not even https so usernames & passwords are sent in clear text & I think the login check on each page is javascript, i.e: client side checking to see if you're logged in!) so opening them up to the world is not a good idea! You could use openvpn to setup a secure network though and do it that way. There is no need to "mod" your box to do this, just:
- create a directory on your dns-323 (e.g: /mnt/HD_a2/openvpn)
- ftp the openvpn binary, tun.ko kernel module, a certificate and a config file to that path (they're available on this forum)
- and create a script similar to below and upload it as /mnt/HD_a2/fun_plug (if you don't have a fun_plug script already)
Code:
#!/bin/sh mkdir /dev/net mknod /dev/net/tun c 10 200 insmod /mnt/HD_a2/openvpn/tun.ko cd /mnt/HD_a2/openvpn /mnt/HD_a2/openvpn/openvpn --config /mnt/HD_a2/openvpn/server.conf &
Offline
#3 2008-02-14 18:08:38
- fordem
- Member
- Registered: 2007-01-26
- Posts: 1938
Re: Remotely Configure DNS-323?
A couple of points -
First - I see no reason why it can't be done if you forward port 80 to the DNS-323 (I haven't tried this, by the way), assuming that your ISP doesn't block port 80 inbound (mine does) to prevent you running a web server.
Second - ideally - you would configure the device and then have no need to use the admin pages, but, even if you did need to modify the configuration, would you want to be able to do this over an insecure http connection? What's to stop Mr. H. Acker from doing the same - just a password? As a matter of fact - even ftp access is risky - given the fact that user credentials are sent in clear text.
Offline
#4 2008-02-14 18:17:55
- bdkelly
- New member
- Registered: 2008-02-14
- Posts: 2
Re: Remotely Configure DNS-323?
Good points. I was just wanting to be able to set automatic downloads when I'm away from my home. I suppose I could wait to do it right from there, but I'm impatient that way. I just wasn't thinking about the security.
Thanks for the help.
Offline
#5 2008-02-14 18:36:32
- HaydnH
- Member
- Registered: 2007-09-28
- Posts: 187
Re: Remotely Configure DNS-323?
Automatic downloads of what? (Trying to think of any downloading section of the config pages!). If you want to download torrents remotely you can do so via ssh securely... or again via vpn if you want to use a gui to control it.
Offline
#6 2008-02-14 23:47:19
- hennemtk
- Member
- From: Germany
- Registered: 2007-07-16
- Posts: 23
Re: Remotely Configure DNS-323?
bdkelly wrote:
Good points. I was just wanting to be able to set automatic downloads when I'm away from my home. I suppose I could wait to do it right from there, but I'm impatient that way. I just wasn't thinking about the security.
Thanks for the help.
My recommendation:
Install funplug with dropbear and use ssh to tunnel a connection to port 80 of your DNS. That's the way I do it and it is as safe as it probably can get.
You'll get SCP with that as well, so you don't need to use FTP with it's disadvantages.
You have to forward a port on your router to the DNS for the ssh connection.
There are quite some resources on the internet explaining ssh in case you are not familiar with it.
Cheers
Thomas
Offline
#7 2008-05-21 08:44:35
- ka3ak
- Member
- From: Calgary, Canada
- Registered: 2007-07-16
- Posts: 21
Re: Remotely Configure DNS-323?
If you want to download torrents remotely you can do so via ssh securely.
How do I do that ?
I have ffp 0.5 , Firmware 1.05, SSH access to DNS 323 and Bittorrent client installed via Dlink EasySearch Utility.
Does it mean that I can control Dlink Bitorrent client with command line through SSH ?
...use ssh to tunnel a connection to port 80 of your DNS
Didn't get that 
How do I use ssh to tunnel connection to a port 80 of DNS 323 ?
Thanks in advance !
Last edited by ka3ak (2008-05-21 08:45:38)
Offline
#8 2008-05-21 15:25:09
- kenyloveg
- Member
- Registered: 2008-04-10
- Posts: 41
Re: Remotely Configure DNS-323?
It would be great if someone write up a guide to implement remote control to DNS 323, including DDNS, NAT maping, port foward, ip filter, security(disable telnet, only authorized, https) etc...
I mean for the newbies.
Offline
#9 2008-05-21 18:09:29
- quekky
- Member
- Registered: 2008-03-30
- Posts: 20
Re: Remotely Configure DNS-323?
http://souptonuts.sourceforge.net/sshtips.htm
take a look at the winxp guide
Offline
#10 2008-05-22 01:55:09
- ka3ak
- Member
- From: Calgary, Canada
- Registered: 2007-07-16
- Posts: 21
Re: Remotely Configure DNS-323?
thanks .. that helped a lot !!
Offline