Log in
Register
Menu
Log in
Register
Home
What's new
Latest activity
Authors
Forums
New posts
Search forums
What's new
New posts
Latest activity
Members
Current visitors
New posts
Search forums
Menu
Log in
Register
Install the app
Install
Forums
Linux Based Receivers
Dreambox Support Forum
Dreambox Satellite Receiver | Tutorials | Software
Dreambox tutorials
How to control your Dreambox from a remote location
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Reply to thread
Message
<blockquote data-quote="compufunk" data-source="post: 621783" data-attributes="member: 288741"><p>There is already a SSH daemon installed on any dreambox images I have used. I would always use SSH over telnet.</p><p></p><p>I agree on your other points, however <u>for myself,</u> its a risk I'm willing to take. The convenience outweighs the risk for me.</p><p></p><p>If your not forwarding anything more than the HTTP port from your router, then the damage a potential intruder could do is limited.</p><p></p><p>Anyone who is cardsharing could have a mess on their hands if someone gets hold of their config files.</p><p></p><p>Also, lets say someone has unauthorized access to a server on the web. They could launch SSH sessions between your dreambox and the server. The originating IP address would then be your address.<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite9" alt=":eek:" title="Eek! :eek:" loading="lazy" data-shortname=":eek:" /></p><p></p><p>There are a host of mischievous things an intruder could do beyond changing channels.</p><p></p><p>(Of course, if you are not forwarding the SSH or Telnet port, then the above examples are not possible unless your router has been compromised.)</p><p></p><p>If you ever notice your dreambox running slowly, connect to it using putty (or whatever client you use) and run the following commands.</p><p></p><p>command:</p><p>[CODE]netstat[/CODE]</p><p>This will give you a list of active connections and where they are originating from, e.g. </p><p>output:</p><p>[CODE]Active Internet connections (w/o servers)</p><p>Proto Recv-Q Send-Q Local Address Foreign Address State</p><p>tcp 0 1 192.168.1.101:22 192.168.1.2:50871 ESTABLISHED[/CODE]</p><p></p><p>The columns are as follows....</p><p>connection type (UDP or TCP), your local address and the port thats being connect to, the address of the originating connection and port, connection status.</p><p></p><p>Pay particular attention to connections to ports 21,22,23 and 80. You should know where each of these is originating from. If you don't there is something wrong.</p><p></p><p>command:</p><p>[CODE]who[/CODE]</p><p>Shows who is currently logged in, this is of limited use if an intruder is logged in as root.</p><p></p><p>output:</p><p>[CODE]USER TTY IDLE FROM HOST</p><p>root pts/0 00:00m Jul 24 13:41 my.ip.address[/CODE]</p><p>Thats pretty self explanatory.</p><p></p><p>command:</p><p>[CODE]last[/CODE] Lists all SSH logins since the last reboot.</p><p></p><p>Again, this is of limited use. An intruder could clear the log file entries containing this info., but it may catch someone sloppy out.</p></blockquote><p></p>
[QUOTE="compufunk, post: 621783, member: 288741"] There is already a SSH daemon installed on any dreambox images I have used. I would always use SSH over telnet. I agree on your other points, however [U]for myself,[/U] its a risk I'm willing to take. The convenience outweighs the risk for me. If your not forwarding anything more than the HTTP port from your router, then the damage a potential intruder could do is limited. Anyone who is cardsharing could have a mess on their hands if someone gets hold of their config files. Also, lets say someone has unauthorized access to a server on the web. They could launch SSH sessions between your dreambox and the server. The originating IP address would then be your address.:eek: There are a host of mischievous things an intruder could do beyond changing channels. (Of course, if you are not forwarding the SSH or Telnet port, then the above examples are not possible unless your router has been compromised.) If you ever notice your dreambox running slowly, connect to it using putty (or whatever client you use) and run the following commands. command: [CODE]netstat[/CODE] This will give you a list of active connections and where they are originating from, e.g. output: [CODE]Active Internet connections (w/o servers) Proto Recv-Q Send-Q Local Address Foreign Address State tcp 0 1 192.168.1.101:22 192.168.1.2:50871 ESTABLISHED[/CODE] The columns are as follows.... connection type (UDP or TCP), your local address and the port thats being connect to, the address of the originating connection and port, connection status. Pay particular attention to connections to ports 21,22,23 and 80. You should know where each of these is originating from. If you don't there is something wrong. command: [CODE]who[/CODE] Shows who is currently logged in, this is of limited use if an intruder is logged in as root. output: [CODE]USER TTY IDLE FROM HOST root pts/0 00:00m Jul 24 13:41 my.ip.address[/CODE] Thats pretty self explanatory. command: [CODE]last[/CODE] Lists all SSH logins since the last reboot. Again, this is of limited use. An intruder could clear the log file entries containing this info., but it may catch someone sloppy out. [/QUOTE]
Insert quotes…
Verification
Post reply
Forums
Linux Based Receivers
Dreambox Support Forum
Dreambox Satellite Receiver | Tutorials | Software
Dreambox tutorials
How to control your Dreambox from a remote location
This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
By continuing to use this site, you are consenting to our use of cookies.
Accept
Learn more…
Top