Discussion on:
View:
Show:
I only mentioned Vista in the article if you want to host a secured RDP session.
Do any of you actually work with computers?
Such a simple project... step1.... step 2....
Always such confused negativity...
As for me, I will try it out and like everything if you dont overdo it, no one will complain.
Thanks for the great article....
Excuse my negativity toward negative non-thinkers..
And my misplacement of my reply (1st time reply)
Such a simple project... step1.... step 2....
Always such confused negativity...
As for me, I will try it out and like everything if you dont overdo it, no one will complain.
Thanks for the great article....
Excuse my negativity toward negative non-thinkers..
And my misplacement of my reply (1st time reply)
A windows application works just fine for me. NO-IP.com. It's free.
Great article, I have had to perform several hours of research to discover the information presented in your article.
One note: If you change the RDP port # you may experience issues when trying to connect to your remote PC if traffic is not allowed out on the new port number. Some firewalls block all out going traffic unless authorized. The most secure method for connecting would be with a VPN connection to the local LAN and then to RDP to a specific internal IP Address. For those out there needing a VPN solution check out IPCOP with the OPENVPN addon for Host to Net connections. Very secure and has always worked for me.
One note: If you change the RDP port # you may experience issues when trying to connect to your remote PC if traffic is not allowed out on the new port number. Some firewalls block all out going traffic unless authorized. The most secure method for connecting would be with a VPN connection to the local LAN and then to RDP to a specific internal IP Address. For those out there needing a VPN solution check out IPCOP with the OPENVPN addon for Host to Net connections. Very secure and has always worked for me.
carriers, such as Optimum Online, Comcast, Verizon, etc?
I believe they specifically mention in their terms of service agreement that residential class broadband is not to be used to host any web server or other services on the internet, and dynamically registering your DHCP assigned IP address with a DNS domain name probably falls under that same scope and would be in violation of the TOS agreement. The broadband service providers see it this way..."Why would you need a DNS name assigned to your DHCP assigned public IP address unless you are hosting services out on the web?". Sure, they offer business class broadband with a static IP address for such purposes, which they profit off of obviously, but this free workaround may just end up being the end of one's broadband account if the ISP finds out what is going on. I'm not being a hardass, but I'm pretty sure there are legal implications to doing this. Please check with your broadband ISP before using such a service.
I believe they specifically mention in their terms of service agreement that residential class broadband is not to be used to host any web server or other services on the internet, and dynamically registering your DHCP assigned IP address with a DNS domain name probably falls under that same scope and would be in violation of the TOS agreement. The broadband service providers see it this way..."Why would you need a DNS name assigned to your DHCP assigned public IP address unless you are hosting services out on the web?". Sure, they offer business class broadband with a static IP address for such purposes, which they profit off of obviously, but this free workaround may just end up being the end of one's broadband account if the ISP finds out what is going on. I'm not being a hardass, but I'm pretty sure there are legal implications to doing this. Please check with your broadband ISP before using such a service.
I don't think you want to do that. Technically they don't even want you sharing multiple PCs with your broadband link. They certainly don't want you hosting services or using BitTorrent.
But if you can't do these things, why would anyone buy Broadband? Consumers need to stand up and say no to this.
But if you can't do these things, why would anyone buy Broadband? Consumers need to stand up and say no to this.
so I'll have to stick with using a cable modem for now. With that stated, I am bound by the terms of use agreement as stipulated by the ISP. I can try to do things behind their back in hopes that I'll get away with it, but what if they find out and terminate my account? Is this service really worth the risk of losing one's broadband service and possible being blacklisted from ever getting broadband again?
I can't make that decision for you. This is something you'll have to decide. I haven't heard of too many people getting banned for using DDNS but I can't say for sure if they've enforced that rule. Technically you're not even supposed to be using multiple PCs on a broadband connection. I know they've banned people for hacking their cable modems to unlock the bandwidth and that's very illegal because it's bandwidth theft. How you use the bandwidth and connectivity you paid for is definitely on the grey side.
Twice if you count the time I called my broadband tech support before morning coffee and admitted to having a local network; "sorry sir. Please call back when you have only one computer attached to our cable modem."
The other time was a stern email recieved telling me that open ports had been detected on my machine and that running of FTP or any other network server software was not allowed. Imagine my surprise after running a local FTP (for personal use when away from home not 'sharing') on every server since the modem days.
What's this letter you sent me? I can't have remote access to my own files or a port open to remote into my computer to use my desktop from outside the home?
DynDNS is a fantastic service. Now we just have to fix the broadband moneygrab. They provide a cable from my wall to there wall, what I do legally with the end of that cable inside my walls shouldn't concern them.
But up here, we call it Rogers High Speed and they too are happy to sell you a premium business service just for fair use of your own hardware.
The other time was a stern email recieved telling me that open ports had been detected on my machine and that running of FTP or any other network server software was not allowed. Imagine my surprise after running a local FTP (for personal use when away from home not 'sharing') on every server since the modem days.
What's this letter you sent me? I can't have remote access to my own files or a port open to remote into my computer to use my desktop from outside the home?
DynDNS is a fantastic service. Now we just have to fix the broadband moneygrab. They provide a cable from my wall to there wall, what I do legally with the end of that cable inside my walls shouldn't concern them.
But up here, we call it Rogers High Speed and they too are happy to sell you a premium business service just for fair use of your own hardware.
You will find that most ISP's now block both the web and mail server ports, they just can't be used. But, that's easy enough to get around. At least with web ports.
As far as watching outgoing bandwidth. Shoot, there is a huge amount of uploading that occurs anymore because of streaming video/audio/p2p. Web Cams, sharing of pictures, voice communications, hell... Sharing of files.
Now that you bring up the topic of FTP running, I haven't found an ISP yet that blocks that port. Which is pretty strange.
My personal opinion. ISP's throttle your speeds anyway. With the biggest cap being on uploads. They know it's happening, and they know that personal web sites being run from home servers are the least of their worries. P2P in my eyes would be the biggest offender. They still are turning a blind eye.
Not that I would ever run a home ftp/web server from my home. Naaa, honest sir. It's for my home network which you know about.
By the way, zone edit is a free dns which I have seen automatic updating applications be used to keep the dns up to date with the correct isp. Spend 8 dollars, register a domain, and you can do pretty much what you want just by signing up with zone edit. They even have ssl login to the dns maintenance pages for security purposes.
Dan
As far as watching outgoing bandwidth. Shoot, there is a huge amount of uploading that occurs anymore because of streaming video/audio/p2p. Web Cams, sharing of pictures, voice communications, hell... Sharing of files.
Now that you bring up the topic of FTP running, I haven't found an ISP yet that blocks that port. Which is pretty strange.
My personal opinion. ISP's throttle your speeds anyway. With the biggest cap being on uploads. They know it's happening, and they know that personal web sites being run from home servers are the least of their worries. P2P in my eyes would be the biggest offender. They still are turning a blind eye.
Not that I would ever run a home ftp/web server from my home. Naaa, honest sir. It's for my home network which you know about.
By the way, zone edit is a free dns which I have seen automatic updating applications be used to keep the dns up to date with the correct isp. Spend 8 dollars, register a domain, and you can do pretty much what you want just by signing up with zone edit. They even have ssl login to the dns maintenance pages for security purposes.
Dan
the main reason ISPs turn ablind eye to bit trrent and the like is that that alone is one of the driving forces behind bigger bandwidth/more expensive "bundle" packages. I know some of you will say streaming video, etc etc. But honestly, how many people stream dvd quality video to their computer compared to p2p downloads. People want to be able to download 4 movies while playing Quake4 online. If an ISP did not offer improved speeds, a competitor would step in and take the buisness. That is just market economy. But, in the long run, Im sure cable/dsl companies would prefer to offer us ISDN speeds at T1 prices still.
and hook up 20 PCs' to access the web, but their primary concern is that the home user doesn't host any services because that will definitely saturate their network and result in increased support calls from other users whose connections are slow as crap. Realize that cable broadband is just like a frame-relay, it's a single shared pool of bandwidth, and if one person starts hogging it up, there is less of it available for other users. It's not like a point to point T-1 or a dedicated DSL connection, in which your connection is switched and the bandwidth is exclusively yours on your local loop run.
There really is no such thing as a "dedicated" connection. Your DSL link might be dedicated between you and the DSLAM a mile away, but I can assure you that it's not dedicated beyond that point. With many cheaper DSL services, they slam 100:1 ratios in on the Internet backhaul.
Don't you think I know that the connection is anything but dedicated beyond he local loop? It's all either a packet or circuit switched network from that point on.
At the time, I had an FTP for personal archives used for small transfers like documents when I was at the school lab computers. VPN sat on an open port so I could get into my own desktop if I needed my machine.
I could understand if your pushing a steady upload and download of monolithic files but having normal access too my machine? I accept the responsability of protecting my machine from adding to a botnet but they have to cater to the weakest link so everyone's portscan has to look like a browsing terminal.
I could understand if your pushing a steady upload and download of monolithic files but having normal access too my machine? I accept the responsability of protecting my machine from adding to a botnet but they have to cater to the weakest link so everyone's portscan has to look like a browsing terminal.
Most recently they have caused a lot of people trouble by throttling ALL encrypted connections. If you're using VPN, they'll assume you're using BitTorrent.
Where I live, at least we can switch to DSL if we don't like the cable service.
Where I live, at least we can switch to DSL if we don't like the cable service.
In the US, they might be fined by the FCC if they block DynDNS.org. That would actually be a Neutrality violation. ISPs can't block services that compete with their own.
Yes, I don't think it's fair and monopolistic on their part, but it is their network we are using, so whether we like it or not, we have to play by their rules.
What if their TOS says you can't use Vonage or Lingo but you can buy their VoIP service? Would that be ok?
In the UK at least, most of the bigger ISP's will supply a wireless-capable router free when you sign up for their service..and happily supply instructions on how to connect multiple hosts, enable sharing between them.
The argument that you run a service from your home network? isn't always the case either..my DDNS exists purely to allow me to connect *into* my home network to control my PVR etc. and ok that's me, but I'm fairly sure that's the case for many others.
Using BitTorrent? They don't mind...if they did, why would they not just cap download quantities across the board? They don't, but you may pay more for uncapped services..
Having these issues? Change your ISP..
The argument that you run a service from your home network? isn't always the case either..my DDNS exists purely to allow me to connect *into* my home network to control my PVR etc. and ok that's me, but I'm fairly sure that's the case for many others.
Using BitTorrent? They don't mind...if they did, why would they not just cap download quantities across the board? They don't, but you may pay more for uncapped services..
Having these issues? Change your ISP..
chris,
I have been wondering about DDNS with BT home broadband. I am thinking about using that just to run a small web server to a very limited (acount login) user base to provide a small online Ruby on Rails App. I have wondered what BT's view might be, guess I wont know till I try it. If I was looking to do more than a small service, then I would be looking at an alternative service, or at some stage, justifying the cost of a managed server.
tonypm
I have been wondering about DDNS with BT home broadband. I am thinking about using that just to run a small web server to a very limited (acount login) user base to provide a small online Ruby on Rails App. I have wondered what BT's view might be, guess I wont know till I try it. If I was looking to do more than a small service, then I would be looking at an alternative service, or at some stage, justifying the cost of a managed server.
tonypm
..but in my own experience, I used NTLWorld then moved over to Orange ('free' with mobile phone) and have had no issues with either provider vs. what I am doing. I don't use DynDNS as my router doesn't offer it in it's preconfigured selections..I found another, totally free solution and use a client.
In the faqs on BTs web site they specifically say that hosting a home web site is ok for option 1,2 & 3 (ie those options with usage limits).
tonypm
tonypm
If that's the case, then why do they provide instructions for doing so? And, in some cases, further facilitate such by offering wireless routers at either a discounted price or bundled with the installation package?
Time Warner Cable subscribers can share broadband Internet access via Fon Technology's public/private Wi-Fi router.
Stephen Lawson, IDG News Service
Tuesday, April 24, 2007 06:00 AM PDT
Subscribers to Time Warner Cable Inc.'s cable modem service in the U.S. can now share their broadband Internet connection with others through Fon Technology SL, which provides a special public/private router.
Fon's La Fonera router lets broadband users in homes and small businesses operate an internal Wi-Fi network that is secure and another one that is open. Users can choose how much of their broadband capacity is dedicated to their own use and how much is available to the public. Anyone who uses the router to share access at home can use other La Fonera routers when they are away from home. Other people, called "aliens," can pay US$3 per day for access. Business users can choose another plan in which they get a portion of that $3 per day fee instead of getting free access on the road.
This is the first such partnership in the U.S. for Fon, which works with ISPs (Internet service providers) in several other countries. Fon has almost 60,000 "community members" in the U.S., despite the fact that most DSL (Digital Subscriber Line) and cable modem providers don't allow their subscribers to share a signal. Fon is talking with other ISPs in the U.S. about similar deals, said Joanna Rees, CEO of Fon US, in San Francisco. Fon Technology, founded in 2005, is based in Spain.
Time Warner Cable will share in the fees aliens pay, but will also benefit because Fon makes broadband more attractive, Rees said. More consumers would sign up for broadband if they knew they could take advantage of it on the road, she said. In addition, La Fonera keeps neighbors from leeching off a customer's open Wi-Fi network without signing in or paying for Fon service.
Customers will join the service through Fon, according to the companies. Details of marketing are still being worked out, Rees said.
Time Warner Cable has 6.6 million cable modem subscribers in its 33-state service area and delivers cable TV to 13.4 million customers. The average speed of its standard Road Runner service is between 5M bps (bits per second) and 7M bps, according to Time Warner.
Stephen Lawson, IDG News Service
Tuesday, April 24, 2007 06:00 AM PDT
Subscribers to Time Warner Cable Inc.'s cable modem service in the U.S. can now share their broadband Internet connection with others through Fon Technology SL, which provides a special public/private router.
Fon's La Fonera router lets broadband users in homes and small businesses operate an internal Wi-Fi network that is secure and another one that is open. Users can choose how much of their broadband capacity is dedicated to their own use and how much is available to the public. Anyone who uses the router to share access at home can use other La Fonera routers when they are away from home. Other people, called "aliens," can pay US$3 per day for access. Business users can choose another plan in which they get a portion of that $3 per day fee instead of getting free access on the road.
This is the first such partnership in the U.S. for Fon, which works with ISPs (Internet service providers) in several other countries. Fon has almost 60,000 "community members" in the U.S., despite the fact that most DSL (Digital Subscriber Line) and cable modem providers don't allow their subscribers to share a signal. Fon is talking with other ISPs in the U.S. about similar deals, said Joanna Rees, CEO of Fon US, in San Francisco. Fon Technology, founded in 2005, is based in Spain.
Time Warner Cable will share in the fees aliens pay, but will also benefit because Fon makes broadband more attractive, Rees said. More consumers would sign up for broadband if they knew they could take advantage of it on the road, she said. In addition, La Fonera keeps neighbors from leeching off a customer's open Wi-Fi network without signing in or paying for Fon service.
Customers will join the service through Fon, according to the companies. Details of marketing are still being worked out, Rees said.
Time Warner Cable has 6.6 million cable modem subscribers in its 33-state service area and delivers cable TV to 13.4 million customers. The average speed of its standard Road Runner service is between 5M bps (bits per second) and 7M bps, according to Time Warner.
Virtually all services providers have a clause that states you may not run certain services from your connection. Their primary concern is the consumption of bandwidth and traffic -- denying service to other customers.
As a result, they use DHCP with extremely short lease times to force your public IP address to change too often for any traditional DNS service to be useful -- hence the development of DynDNS and other similar services.
Some providers DO offer a fixed public IP address -- such as my provider here in Russia -- for an additional $10 per month -- however, I am limited to 1GB of traffic per month, and if I go over that limit, it costs $30 per each additional GB! (Needless to say, I don't do any P2P from here!)
DynDNS does nothing that would violate your terms of service in and of itself. All it does is allow you to refer to your public IP address by name instead of by number, and automatically adjusts the mapping as your IP changes.
What MAY violate the terms are the services you decide to hang off of that IP -- and those would function no differently with or without DynDNS. DynDNS or other similar services simply make it easier to 'find' your public IP address remotely.
As a result, they use DHCP with extremely short lease times to force your public IP address to change too often for any traditional DNS service to be useful -- hence the development of DynDNS and other similar services.
Some providers DO offer a fixed public IP address -- such as my provider here in Russia -- for an additional $10 per month -- however, I am limited to 1GB of traffic per month, and if I go over that limit, it costs $30 per each additional GB! (Needless to say, I don't do any P2P from here!)
DynDNS does nothing that would violate your terms of service in and of itself. All it does is allow you to refer to your public IP address by name instead of by number, and automatically adjusts the mapping as your IP changes.
What MAY violate the terms are the services you decide to hang off of that IP -- and those would function no differently with or without DynDNS. DynDNS or other similar services simply make it easier to 'find' your public IP address remotely.
"DynDNS does nothing that would violate your terms of service in and of itself. All it does is allow you to refer to your public IP address by name instead of by number, and automatically adjusts the mapping as your IP changes.
What MAY violate the terms are the services you decide to hang off of that IP -- and those would function no differently with or without DynDNS. DynDNS or other similar services simply make it easier to 'find' your public IP address remotely."
Great explaination! I guess if you don't run a public web server then it may not be an issue.
I can't believe bandwidth is so expensive in Russia.
What MAY violate the terms are the services you decide to hang off of that IP -- and those would function no differently with or without DynDNS. DynDNS or other similar services simply make it easier to 'find' your public IP address remotely."
Great explaination! I guess if you don't run a public web server then it may not be an issue.
I can't believe bandwidth is so expensive in Russia.
I use DynDNS so I can monitor my home webcam from work. I have done this with several different ISP's and never had a problem.
I was hoping someone who knew what he was talking about would speak up. I found Mr. worrier to be tiring with all his what ifs? People like that are the reason I pay close attention to personality when I am hiring someone new. Push the envelope. Nothing ever gets accomplished by playing it safe. Let my cable company try to cut me off. I have DSL and another cable company to go through.
Is there an XP alternative to this article link?
"configure Remote Desktop securely"
"configure Remote Desktop securely"
Has anyone else tried LogMeIn Free? I've been using it for a month or so and it seems to work very well for me. The only pain-in-the-butt is that I have to install a small program onto the client machine. I always get my customer's permission before doing so, and it's been a great asset.
However, I'm concerned about security. LogMeIn Free uses HTTPS, but I don't know about the ports- does it use anything in addition to the HTTPS port?
Here's the link:
https://secure.logmein.com/home.asp
However, I'm concerned about security. LogMeIn Free uses HTTPS, but I don't know about the ports- does it use anything in addition to the HTTPS port?
Here's the link:
https://secure.logmein.com/home.asp
Whatever other traffic is passed through is encapsulated within standard HTTPS packets, thus making it a user friendly solution that will work through most firewalls as long as HTTP and HTTPS aren't being blocked.
I've been using LogMeIn free to access my home computer when I'm away. My router (supplied by my ISP) does not support DDNS. LogMeIn is no speed demon, but it works, and setup is dead easy.
No, XP hosting RDP isn't secure at all. You can get a secure XP client, but you can't get a secure XP RDP host. Only Windows Server 2003 with SP1/SP2 or 2003R2 or Vista can host secure RDP connections.
You will need to use a VPN alternative but be careful of using something like PPTP because that's VERY insecure.
I haven't analyzed VNC yet but that's something I'm going to get to.
You will need to use a VPN alternative but be careful of using something like PPTP because that's VERY insecure.
I haven't analyzed VNC yet but that's something I'm going to get to.
Use an SSH tunnel for your connections, there are a multitude of document available for it. Google it. 
You can host an IPSEC or L2TP server on your gateway. That will allow you to connect to anything securely. Don't ever use PPTP because the authentication mechanism isn't secure.
The downside of using DDNS function in a router is that DynDNS will drop your account (actually only the single DNS entry within your account) after 30 days if it hasn't been "touched" in that time. Router-based DDNS service usually will touch (update) the DynDNS site only when your IP address has changed, not on a 30-day timer. If, as is often the case, your IP address is not changed by your ISP in more than 30 days, you will lose your DynDNS account entry.
but I can't find it in the DynDNS website.
However, I can tell you that there is an update-abuse policy.
http://www.dyndns.com/support/abuse.html
I have a Vonage telephone adapter (VT2142) and DynDNS reported an abuse... So I had to use Windows client.
However, I can tell you that there is an update-abuse policy.
http://www.dyndns.com/support/abuse.html
I have a Vonage telephone adapter (VT2142) and DynDNS reported an abuse... So I had to use Windows client.
There were some devices that try to update something every minute and that was putting too much of a load on to the servers. You're suppose to only update when it's needed and it would seem to me that updating something once every 40 days if that's when the address changes is being a good citizen.
Here's a quote.
"To conserve resources, DynDNS uses a blocking mechanism to protect against excessive updating. DynDNS blocks update clients by useragent and will disable a user's hostname if it abusively updating.
Why Was I Blocked?
You needlessly updated a hostname too many times. The update client that you were using is abusing our DNS Update API and we block abusive clients to ensure quality service for all of us."
Ok but this is confusing.
"Updates should only be performed when your IP address has changed. We allow users to modify or "touch" their host every 28 days to prevent their hosts from expiring. Everything else is abusive."
Not sure what they mean by "touch". If they mean that if you try to resolve the name once every 28 days, then it will be kept alive, then that's good. I'm using a certified hardware client with Linksys so that should keep me safe.
Here's a quote.
"To conserve resources, DynDNS uses a blocking mechanism to protect against excessive updating. DynDNS blocks update clients by useragent and will disable a user's hostname if it abusively updating.
Why Was I Blocked?
You needlessly updated a hostname too many times. The update client that you were using is abusing our DNS Update API and we block abusive clients to ensure quality service for all of us."
Ok but this is confusing.
"Updates should only be performed when your IP address has changed. We allow users to modify or "touch" their host every 28 days to prevent their hosts from expiring. Everything else is abusive."
Not sure what they mean by "touch". If they mean that if you try to resolve the name once every 28 days, then it will be kept alive, then that's good. I'm using a certified hardware client with Linksys so that should keep me safe.
The only way that I could fine to get free Dynamic DNS from DynDNS.com is to sign up for the "pro" free trial.
http://dyn.com/dns/dyndns-pro-free-trial/
The trial is 14-days. if you don't cancel, they charge your credit card for the annual fee of $20. The policy states;
If you cancel your Pro service, all advanced features with Pro will be removed and your account will expire without a monthly login. Should you choose to cancel, you will be able to keep one free hostname.
http://dyn.com/dns/dyndns-pro-free-trial/
The trial is 14-days. if you don't cancel, they charge your credit card for the annual fee of $20. The policy states;
If you cancel your Pro service, all advanced features with Pro will be removed and your account will expire without a monthly login. Should you choose to cancel, you will be able to keep one free hostname.
will allow you to set keepalives if I remember right. I think linksys sends them by default. Im guessing that the account is droped after a month if their is no traffic from the address confirming it still exists.
I really like it. It works without my paying much attention to it. In fact, after installing it, I let it run for a couple of years and then realized I really should make sure there is no upgrade for this. I still only check periodically for upgrades.
Hi! i am newbie... i was trying to setup a home webserver.. i tried dynamic dns, no-ip & a few other services..but my main problem is that i get a username-password prompt on entering my site name...i dont no wat thats for..
by the way, i've a dsl broadband connection n win xp pro sp2.. plz help...
by the way, i've a dsl broadband connection n win xp pro sp2.. plz help...
Did you set up the DDNS name right? Can you ping your host name from the outside world?
- Keyboard Shortcuts:
- Prev
- Next
- Toggle
