Security on the Internet
Today, commercially available routers are equipped with a firewall. The standard configuration allows telegrams to pass from LAN to WAN, but not vice versa. In place of “firewall”, terms like “application configuration” or “NAT / PAT” are also used.
Term: NAT
NAT stands for “Net Address Translation”.
Router – Port Forwarding
A port in a network is like a key.
Port 80 is the default key (equals a door handle).
The router must be configured manually.
Please observe: Services such as IGD, WCN and AOSS are not supported.
Router – Port Forwarding
• Port 80 (http): Web Server Operation with Web Browser
• Port 443 (https): Encrypted Web Server Operation with Web Browser
• Port 21 (ftp): ACS File transfer (Message history and Offline Trend)
• Port 50005 (): ACS Operation
• Port 22 (scp): HQ Zug OZW Web Server Remote Support
DynDNS – Opening an Account
• Open a user account, for example at https://www.dyndns.com/, and add hostnames.
DynDNS – Adding a new Host
• Select domain names for the web server
• Select service type “Host with IP address”
• “Auto detect” transfers your current IP address to the “IP Address” field
DynDNS – Make adjustments in the router
• Make the adjustments in the router: DynDNS.org, smartweb.dyndns.biz, ozw772
Browser
• Calling up the web server via the browser:
• With port forwarding to default port 80
Term: PAT
PAT stands for “Port Address Translation”. Other terms used are “Port Forwarding” and “Port Mapping”.
Router – Port Mapping
A port in a network is like a key.
Private ports are a special key (equals a security key).
Result: Port 55000 on the WAN side is translated to port 80 on the LAN side.
List of free ports: http://www.iana.org/assignments/port-numbers
Recommendation: Use private ports from 49152 through 65535.
Router – Port Mapping Example:
• Port 80 (http): Web server operation via browser
• Port 21 (ftp): File transfer (history file)
DynDNS – Adding a new Host
• As previous: Select the dyndns properties in the dyndns account and in the router
Browser
• Calling up the web server via the browser:
• With port forwarding to a private port, e.g. 55000
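The port forwarding and port mapping setups from the slides above, modelled as rule tables and checked against the private-port recommendation. This is an added example, not part of the original slides or any router's software; the LAN address 192.168.1.10, the Rule class and the function names are assumptions, and FTP is assumed to stay on port 21 as in the mapping example slide.

```python
from dataclasses import dataclass

# Range recommended on the port-mapping slide.
PRIVATE_PORTS = range(49152, 65536)

@dataclass(frozen=True)
class Rule:  # hypothetical model of one router rule
    service: str
    wan_port: int
    lan_ip: str
    lan_port: int

def translate(rules, wan_port):
    """PAT lookup for an inbound connection to wan_port.
    Returns (lan_ip, lan_port), or None when no rule matches and the
    default WAN-to-LAN block stays in effect."""
    for r in rules:
        if r.wan_port == wan_port:
            return (r.lan_ip, r.lan_port)
    return None

def audit(rules):
    """List rules that are invalid, ambiguous, or outside the recommended range."""
    findings, seen = [], {}
    for r in rules:
        if not (1 <= r.wan_port <= 65535 and 1 <= r.lan_port <= 65535):
            findings.append(f"{r.service}: port out of range")
            continue
        if r.wan_port in seen:
            findings.append(f"{r.service}: WAN port {r.wan_port} already used by {seen[r.wan_port]}")
        seen.setdefault(r.wan_port, r.service)
        if r.wan_port not in PRIVATE_PORTS:
            findings.append(f"{r.service}: WAN port {r.wan_port} is not in 49152-65535")
    return findings

def browser_url(host, rules, service="http"):
    """URL to enter in the browser for a mapped service."""
    for r in rules:
        if r.service == service:
            suffix = "" if r.wan_port == 80 else f":{r.wan_port}"
            return f"{service}://{host}{suffix}/"
    raise LookupError(service)

LAN_HOST = "192.168.1.10"  # constructed sample address of the web server
FORWARDING = [Rule("http", 80, LAN_HOST, 80), Rule("ftp", 21, LAN_HOST, 21)]
MAPPING = [Rule("http", 55000, LAN_HOST, 80), Rule("ftp", 21, LAN_HOST, 21)]

if __name__ == "__main__":
    for name, rules in (("forwarding", FORWARDING), ("mapping", MAPPING)):
        print(name, browser_url("smartweb.dyndns.biz", rules), audit(rules))
```

With the mapping table, a connection to WAN port 80 no longer reaches the web server, and the audit still reports the FTP rule because its WAN port is outside the recommended range.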
Exercise 6
• Commissioning WAN
• Configure your router at your workplace such that the following actions will be possible:
• Access to the web server via http protocol. For security reasons, the WAN port shall be translated to 55000
• Access to the message history via ftp protocol
• Access via dyndns from a remote location: smartweb.dyndns.biz