Local DNS in a standard DHCP LAN - dns

Our customers are typical broadband home users, with a DSL Modem/Router which offers DHCP.
We want our device which is connected to the home LAN and has an embedded HTTP Server to be addressable with a domain name (www.mydevice.ip or something). In particular, we want to avoid that the user has to get the IP address and type it into the address bar of his browser.
What solutions are available?
Has the typical DHCP Modem a DNS included - how do you use it?
Could other services offer help (e.g. Bonjour)?

You can use mDNS/DNS-SD using the "avahi" daemon -- this should work on Mac and Linux hosts, and maybe on Windows.
For Windows, you can set up SAMBA to get WINS name resolution.
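What the mDNS lookup suggested above looks like on the wire, as an added example that is not part of the original answer: the client multicasts an A query for the device's `.local` name and the device's responder (avahi, for instance) answers with its current DHCP address. The name `mydevice.local` and the address 192.168.1.50 are assumptions; name compression is not handled.

```python
import ipaddress
import struct

MDNS_GROUP, MDNS_PORT = "224.0.0.251", 5353   # IPv4 mDNS destination (RFC 6762)
TYPE_A, CLASS_IN, CACHE_FLUSH = 1, 1, 0x8000  # top bit of rrclass = cache-flush

def encode_name(name):
    """Encode 'mydevice.local' as length-prefixed DNS labels."""
    out = b""
    for label in name.rstrip(".").split("."):
        raw = label.encode("ascii")
        out += bytes([len(raw)]) + raw
    return out + b"\x00"

def decode_name(msg, off):
    """Decode an uncompressed name; returns (name, offset after it)."""
    labels = []
    while msg[off]:
        n = msg[off]
        if n & 0xC0:
            raise ValueError("compressed names are not handled in this sketch")
        labels.append(msg[off + 1:off + 1 + n].decode("ascii"))
        off += 1 + n
    return ".".join(labels), off + 1

def build_query(name):
    """What a client's resolver multicasts: ID 0, one question, type A."""
    header = struct.pack("!6H", 0, 0, 1, 0, 0, 0)
    return header + encode_name(name) + struct.pack("!2H", TYPE_A, CLASS_IN)

def build_response(name, ip, ttl=120):
    """What the device's responder answers: QR+AA set, one A record."""
    header = struct.pack("!6H", 0, 0x8400, 0, 1, 0, 0)
    rr = struct.pack("!2HIH", TYPE_A, CLASS_IN | CACHE_FLUSH, ttl, 4)
    return header + encode_name(name) + rr + ipaddress.IPv4Address(ip).packed

def parse_response(msg):
    """Return (name, ip, ttl) from a single-answer response built as above."""
    _id, flags, qd, an, _ns, _ar = struct.unpack("!6H", msg[:12])
    if not flags & 0x8000 or qd != 0 or an != 1:
        raise ValueError("not a single-answer mDNS response")
    name, off = decode_name(msg, 12)
    rtype, _rclass, ttl, rdlen = struct.unpack("!2HIH", msg[off:off + 10])
    if rtype != TYPE_A or rdlen != 4:
        raise ValueError("expected an A record")
    return name, str(ipaddress.IPv4Address(msg[off + 10:off + 14])), ttl

QUERY = build_query("mydevice.local")  # constructed sample (assumed device name)
RESPONSE = build_response("mydevice.local", "192.168.1.50")  # assumed address
```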

A "typical DHCP Modem" is not a standard, so there is no default answer.
What you want is for the modem to work as a DNS cache (which is pretty much the default) and additionally to add your own static DNS entries that point to the IP of the entry.
How you achieve that depends on the router...

Related

How can I connect to an IIS site being served on my computer from my iPad?

Both devices are connected to the same WiFi network.
I have set IIS bindings to allow connections to my IP:
However, my computer's IP address is the same as my iPad's.
Is there a way to make this work?
That's not your IP. Every time you use a laptop on a Wifi network, you'll be using the public IP address of whatever network you're on.
The IP address of "your" computer doesn't belong to your computer. It belongs to the network you're connected to. Your computer is just borrowing it for a while.
Try to set a static IP address for your computer and use another machine to send ping command to it. Then use iPad to connect.
Initially when I posted this question, I was using an xfinitywifi hotspot and I assume that came with a whole host of problems. Full-disclosure, I did not figure out how to make it work in this scenario.
However when I moved to my own home wifi network, I was still having this problem.
I had to do two things, one of which, I know is not recommended, but it was really easy.
First, I had to enter my network and sharing center and set my connection as home connection instead of public which is what I previously had it at.
Second, which is not recommended, I turned off Windows firewall. I only do this when I need to access my site from another device for debugging. I turn it back on when I am done. For a more permanent setup I know it is recommended to just enable the port you need, but I could not figure this out.

Route traffic from Windows to Linux (Kali)

I'm currently trying to route my internet traffic from my Windows laptop (192.168.1.73) to my other laptop running Kali Linux (192.168.1.64), both on the same network. The idea is the Linux laptop would anonymise the traffic sent, possibly hiding my IP in some way. I'm stuck on how to exactly go about this. I've tried using OpenVPN but to no avail.
192.168.1.x is not a public IP subnet, so both of your computers are on the local network, and one or both already have a default gateway address for access to the Internet and other networks. If you want to route Internet traffic through the Windows laptop to the Linux computer, you have to set the Windows IP address as the default gateway for the Linux computer.
Then on Windows you can use one of two options to give Linux access to the Internet:
1. Enable routing functions and use Windows as just a router
2. Use third-party software (like Wingate etc.) and use Windows as a NAT proxy
With the first option, the Linux IP address will be visible at the ISP's devices.
With the second option, the Linux IP address will be changed to the Windows IP address.
The first is very simple for management. The second is harder.
But I don't understand why you need all this. If you want more security on the Internet, you can use https://www.whonix.org/wiki/Download and get the maximum security level.
I'd honestly trash this idea and use Tor browser instead, you will be 100% anonymous if you follow the guidelines on their website.
The Tor project:
https://www.torproject.org/
Tips on staying anonymous:
https://www.torproject.org/about/overview.html.en#stayinganonymous
Well, and if you seriously want to route the traffic to your Kali machine, use some built-in MITM tools (e.g. Arpspoof), but be aware that this will NOT make you anonymous to the outside (Internet).
Here is how you set up the MITM, but without the intercepting of traffic:
First, we need to forward all the traffic that the Kali machine receives to the internet
sysctl -w net.ipv4.ip_forward=1
Then you need to send the forged ARP replies
arpspoof -i [Network Interface Name] -t [Windows IP] [Router IP]
So it should look something like this; you can find the router IP by running the command ifconfig (look for "default gateway"):
arpspoof -i wlan0 -t 192.168.1.73 192.168.1.1
Then it should be up and running, tunneling you through the Kali machine.
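A defender-side check for the ARP poisoning this answer sets up, added here as an example and not part of the original post: it parses Windows `arp -a` output taken on the targeted laptop and flags a gateway entry that shares its MAC with another host or differs from a recorded baseline. The IPs are the ones used in this thread; the MAC addresses and the sample output are constructed.

```python
import re
from collections import defaultdict

# One entry line of Windows `arp -a` output: IP, dash-separated MAC, type.
ENTRY = re.compile(
    r"^\s*(\d{1,3}(?:\.\d{1,3}){3})\s+((?:[0-9a-f]{2}-){5}[0-9a-f]{2})\s+(\w+)", re.I)

def parse_arp_table(text):
    """Return {ip: mac} for dynamic entries; static/broadcast rows are skipped."""
    table = {}
    for line in text.splitlines():
        m = ENTRY.match(line)
        if m and m.group(3).lower() == "dynamic":
            table[m.group(1)] = m.group(2).lower()
    return table

def find_spoofing(table, gateway_ip, baseline_gateway_mac=None):
    """Return a list of findings; an empty list means nothing suspicious."""
    findings = []
    by_mac = defaultdict(list)
    for ip, mac in table.items():
        by_mac[mac].append(ip)
    gw_mac = table.get(gateway_ip)
    if gw_mac is None:
        return findings
    shared = sorted(ip for ip in by_mac[gw_mac] if ip != gateway_ip)
    if shared:  # forged replies make the gateway IP resolve to another host's MAC
        findings.append(f"gateway {gateway_ip} shares MAC {gw_mac} with {', '.join(shared)}")
    if baseline_gateway_mac and gw_mac != baseline_gateway_mac.lower():
        findings.append(f"gateway MAC changed: {baseline_gateway_mac.lower()} -> {gw_mac}")
    return findings

# Constructed samples: MACs are made-up locally administered addresses.
CLEAN = """
Interface: 192.168.1.73 --- 0x5
  Internet Address      Physical Address      Type
  192.168.1.1           02-00-00-00-00-01     dynamic
  192.168.1.64          02-00-00-00-00-64     dynamic
  192.168.1.255         ff-ff-ff-ff-ff-ff     static
"""
# Same table after poisoning: the gateway now maps to the Kali laptop's MAC.
POISONED = CLEAN.replace("02-00-00-00-00-01", "02-00-00-00-00-64")
```

The shared-MAC check only fires if the other host is also in the table, which is why the baseline comparison is kept as a second, independent signal.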

Port Forwarding A Linux IP In Virtualbox ISSUES

Here's The Scoop,
I used SET (Social Engineering Toolkit) and made a duplicate of a login page. The IP that was used was 10.0.2.15 (mind you, this is on a VirtualBox virtual machine), and when I tried to view it on another computer, it says the server is not responding. I tried to port forward but it was giving me issues.
Is there anything I can do to port forward or do something like that to make the web page connected to the IP viewable on the World Wide Web of another computer?
In other words, the IP's page is only viewable on the same computer whose IP I used to host. Can you make it viewable on any computer's browser by port forwarding it or something that will work like that?
Use bridged networking for the guest machine. Then, that IP address should be accessible on your network if there are no firewalls enabled.
There are several issues with directly accessing this IP from a separate computer.
First, the forwarding: the computer with the virtual machine must accept IP forwarding. This is easy to enable:
https://wiki.archlinux.org/index.php/Internet_sharing
Second, the routing: other computers must know who to ask when looking for 10.0.2.15. This is the hardest part. You could try adding a special route rule on the other computer, to set the host as a gateway for 10.0.2.15, but it requires you to make this on every machine that wishes to access the VM.
As Ahmed said, the easiest way is probably to use a network bridge, where the virtual machine will act as any other computer on the network, with a visible IP.

Connecting to Raspberry Pi on Remote Network (XFinity Router)

I have set up a Raspberry Pi in my home office with a Linux OS and have installed Apache (PHP/MySQL). Everything is working and I've been able to successfully connect via SSH from my computer while connected to the same network in my home.
I've seen many similar questions on here but none that can outline what I'm trying to do. I have an XFinity Router and can access its settings using IP 10.0.0.1 locally. I've read into Port Forwarding which I've set up for the Raspberry Pi but now I'm stuck on the next step in the settings to get it set up so I can connect to it remotely (from a network outside my home's). I'm hoping to use this to host web-based PHP scripts that we can run from any web browsers as well as be able to SSH in from any internet connection.
I'm sorry if this is similar to other questions here but the XFinity interface seems to trouble me and it's not making it easy for me to wrap my head around Port Forwarding and what goes into setting this up correctly.
Thanks for your help!
You need to do three things:
1. Make sure your Raspberry Pi gets the same IP address on your LAN every time. This can be done by configuring your router for DHCP reservation by using the Pi's MAC (ethernet hardware address), if it supports it. To get the Pi's MAC, you can type ifconfig eth0, or you can use Advanced IP Scanner for Windows, or my own Pi Finder for Mac. (Alternatively, you can set your Pi to use a static IP address.)
2. Forward port 22 (SSH) in your router to the internal IP address you chose. (If your router supports forwarding a different external address to internal port 22, I recommend doing that for extra security.)
3. Get a consistent external IP address or name, so you can find your home network on the outside. If you don't have a static IP address from your ISP, then you will need a Dynamic DNS service, such as those offered from Dyn.com, no-ip.com, and Namecheap. You'll need to configure your router to update the service, and not all routers support all Dynamic DNS services (or any). (Alternatively, you can install a Dynamic DNS updater client on your Raspberry Pi or other computer on your home network, but that may or may not be easy.)
I can't advise specifics as to how to configure your particular router, but these three steps are what are generally required to do what you want, and the rest is figuring out the specifics of how your router wants it.

Redirecting ".local" subdomain to unicast DNS

I regularly access Windows domains that have been set up to use a domain under the .local top level name. This conflicts with Bonjour/Zeroconf which reserves .local for its own use. A number of platforms support Bonjour out of the box (including Mac OS, iPhone, and Ubuntu) and there are numerous name resolution issues when this conflict occurs.
I have a manual (per workstation) workaround in place for Mac OS by creating an /etc/resolver/ntdomain.local as per resolver(5) which works well. Unfortunately this requires manual changes on every workstation and does not work on the iPhone.
What I'm looking for is a way to redirect requests for *.ntdomain.local coming in via mDNS to a specific unicast DNS server. I don't mind writing some code if required. I can deploy on either preferably Debian or alternatively Windows 2003. It looks like Avahi may be the library I'm looking for.
Can this be done without registering every address in the subdomain or is it possible to register a single NS record of ntdomain.local that points to the Windows DNS server?
You can "merge" the unicast and multicast .local namespaces (with unicast taking precedence) as explained on Avahi and Unicast .local. Apple has instructions for doing the same on Mac OS X.
Another option is to add domain-name=.localnet to /etc/avahi/avahi-daemon.conf to have it use .localnet instead of .local for the multicast DNS namespace.
