[TenTec] Omni VII / Static IP address

geoffrey mendelson geoffreymendelson at gmail.com
Tue Oct 18 14:42:18 PDT 2011 

On Oct 18, 2011, at 11:27 PM, John/K4WJ wrote:

> A friend is going to purchase an Omni VII so that he can remotely  
> access it from his current noisy and antenna restricted building.  
> I'm trying to shorten the learning period required to get everything  
> working properly.


First thing you do is to use a router to connect to the internet.  
Using port forwarding, aka virtual servers, you forward data from the  
router to the radio.

Then you sign up for a free account from one of the free domain  
servers that the router supports. Just about every router made in the  
last 5 years supports DynDNS.org, and there are lots of others.

When you sign up you pick a free hostname using one of their free  
domains. Let's say they provide one called homeradio.org (a random  
example). You could pick W1AW if that was your callsign and make it  
w1aw.homeradio.org. You are better off using security via obscurity  
and making the domain name something you will remember but no one else  
will, and is not already in use.

Then he sets up the router so that when it connects to the internet it  
updates his DNS name to the current IP address. Then he would just  
connect to w1aw at homeradio.org.

If the software on the computer allows you to select the TCP/IP port  
it uses and the router allows you to set port forwarding to a  
different port, then you can use a port that is not normally used  
which makes it harder to find.

In this case the example would be if the radio used port 80, having  
the router forward it would be dangerous because it is a common port  
and often used in hacking attempts. If you had port 12345 forwarded to  
80 on the radio then it would be less likely to be hacked (or  
attempted).

This is going to get more complicated, but if I were doing it I would  
install a small computer there and have it connected to the router  
too, without forwarding the radio port. I would install an SSH server  
so that I could connect to it through the router using SSH encrypted  
port forwarding. I would also set up SSH so that it only accepts 4096  
bit keys for authentication and not passwords or shorter keys. If you  
don't know what I am talking about, ask someone who is a professional  
UNIX/LINUX sysadmin, they do it often. (or you can contact me off the  
list).

Geoff.


-- 
Geoffrey S. Mendelson,  N3OWJ/4X1GM
My high blood pressure medicine reduces my midichlorian count. :-(

More information about the TenTec mailing list