[TenTec] Omni VII / Static IP address
geoffrey mendelson
geoffreymendelson at gmail.com
Tue Oct 18 14:42:18 PDT 2011
On Oct 18, 2011, at 11:27 PM, John/K4WJ wrote:
> A friend is going to purchase an Omni VII so that he can remotely
> access it from his current noisy and antenna restricted building.
> I'm trying to shorten the learning period required to get everything
> working properly.
First thing you do is to use a router to connect to the internet.
Using port forwarding, aka virtual servers, you forward data from the
router to the radio.
Then you sign up for a free account from one of the free domain
servers that the router supports. Just about every router made in the
last 5 years supports DynDNS.org, and there are lots of others.
When you sign up you pick a free hostname using one of their free
domains. Let's say they provide one called homeradio.org (a random
example). You could pick W1AW if that was your callsign and make it
w1aw.homeradio.org. You are better off using security via obscurity
and making the domain name something you will remember but no one else
will, and is not already in use.
Then he sets up the router so that when it connects to the internet it
updates his DNS name to the current IP address. Then he would just
connect to w1aw at homeradio.org.
If the software on the computer allows you to select the TCP/IP port
it uses and the router allows you to set port forwarding to a
different port, then you can use a port that is not normally used
which makes it harder to find.
In this case the example would be if the radio used port 80, having
the router forward it would be dangerous because it is a common port
and often used in hacking attempts. If you had port 12345 forwarded to
80 on the radio then it would be less likely to be hacked (or
attempted).
This is going to get more complicated, but if I were doing it I would
install a small computer there and have it connected to the router
too, without forwarding the radio port. I would install an SSH server
so that I could connect to it through the router using SSH encrypted
port forwarding. I would also set up SSH so that it only accepts 4096
bit keys for authentication and not passwords or shorter keys. If you
don't know what I am talking about, ask someone who is a professional
UNIX/LINUX sysadmin, they do it often. (or you can contact me off the
list).
Geoff.
--
Geoffrey S. Mendelson, N3OWJ/4X1GM
My high blood pressure medicine reduces my midichlorian count. :-(
More information about the TenTec
mailing list