<div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">Simon,<br><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"> Enquiries to asnode sends you to the IP address of a given node number it does not actually connect you to a specific port unless specified. The point is since node numbers are just sequential numbers a hacker or anyone could write a script to probe every Allstar IP address and its ports. Here is an example -<br><br> <a href="http://41245.asnode.org:8181/allmon/about.php">http://41245.asnode.org:8181/allmon/about.php</a><br><br>I pulled this info from google so its no secret. This individual has put
their allmon out there for anyone to see, Since the CURRENT allmon is
very insecure a hacker could get into this system very easily. There are
hundreds out there like this.<br><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">So lets say your node was 40000 -<br><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><a href="http://40000.asnode.org:80/">http://40000.asnode.org:80/</a> << the 0 is default and not needed but you could put any port there.<br><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">would in fact connect a user to your default Allstar web page if it was port forwarded and you would see this -<br><br>THIS IS A TEST !
<br><br>
If you see this the web server is working.
<br><br></div><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">Likewise if you used ssh or putty, etc. - ssh <a href="http://40000.asnode.org">40000.asnode.org</a> -p 222 - you would be connected to this node ssh port assuming it was on port 222.<br> <div dir="ltr"><div><div class="m_2113095444211032432gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div><b><font size="4">73 Doug<br></font></b></div><b><font size="4">WA3DSP<br></font></b></div><b><font size="4"><a href="http://www.crompton.com/hamradio" target="_blank">http://www.crompton.com/<wbr>hamradio</a><br></font></b></div></div></div>
</div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jan 29, 2018 at 11:43 PM, "Simon Keys via arm-allstar" <span dir="ltr"><<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="auto">Doug, will connections through asnode work if you do not have port 80 opened on the router? I hope not!<div dir="auto"><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On 30/01/2018 5:19 PM, Doug Crompton via arm-allstar <<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a>> wrote:<br type="attribution"><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small">I might add that the <a href="http://asnode.org" target="_blank">asnode.org</a> method while convenient opens a very serious security hole for Allstar. Whomever runs this site is not helping to ensure our security. It is not a hamvoip or Allstar supported site. We would really like to see it shut down as everything we are doing right now is aimed at improving security. Any hacker has an immediate list of every Allstar IP address using this site and could hit every address specifically. I would also warn that because it is an independently run site there is no guarantee it will always be there. Our upcoming DNS rollout will be very secure but it is people like those that run <a href="http://asnode.org" target="_blank">asnode.org</a> that ruin a good thing. Years ago before the big hacker craze this might have been a neat thing to do but not today!<br><div dir="ltr"><div class="gmail_default" style="font-family:tahoma,sans-serif;font-size:small"><br clear="all"></div><div><div class="m_2859778220410161227m_824714523076684070m_-9023728304148508060gmail_signature" data-smartmail="gmail_signature"><div dir="ltr"><div><div><b><font size="4">73 Doug<br></font></b></div><b><font size="4">WA3DSP<br></font></b></div><b><font size="4"><a href="http://www.crompton.com/hamradio" target="_blank">http://www.crompton.com/hamrad<wbr>io</a><br></font></b></div></div></div>
</div>
<br></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Jan 29, 2018 at 11:11 AM, "Neil Mooney via arm-allstar" <span dir="ltr"><<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div id="m_2859778220410161227m_824714523076684070m_8307136307587778151divtagdefaultwrapper" style="font-size:12pt;color:#000000;font-family:Calibri,Helvetica,sans-serif" dir="ltr">
<p style="margin-top:0;margin-bottom:0">Instead of using a dynamic DNS provider you could try using <your node number>.<a href="http://asnode.org" target="_blank">asnode.org</a> </p>
<p style="margin-top:0;margin-bottom:0">If your node is 1001 your address would be <a href="http://1001.asnode.org" target="_blank">1001.asnode.org</a></p>
<p style="margin-top:0;margin-bottom:0">This works as long as your node is registered with allstarlink and doesn't need you to install any software to keep the DDNS updated.</p>
<p style="margin-top:0;margin-bottom:0"><br>
</p>
<div id="m_2859778220410161227m_824714523076684070m_8307136307587778151Signature">
<div id="m_2859778220410161227m_824714523076684070m_8307136307587778151divtagdefaultwrapper" style="font-size:12pt;color:rgb(0,0,0);font-family:Calibri,Arial,Helvetica,sans-serif,EmojiFont,"Apple Color Emoji","Segoe UI Emoji",NotoColorEmoji,"Segoe UI Symbol","Android Emoji",EmojiSymbols">
Regards,<br>
<br>
Neil<br>
</div>
</div>
</div>
<hr style="display:inline-block;width:98%">
<div id="m_2859778220410161227m_824714523076684070m_8307136307587778151divRplyFwdMsg" dir="ltr"><font style="font-size:11pt" color="#000000" face="Calibri, sans-serif"><b>From:</b> arm-allstar <<a href="mailto:arm-allstar-bounces@hamvoip.org" target="_blank">arm-allstar-bounces@hamvoip.o<wbr>rg</a>> on behalf of "Doug Crompton via arm-allstar" <<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a>><br>
<b>Sent:</b> 28 January 2018 18:17:29<br>
<b>To:</b> ARM Allstar<br>
<b>Cc:</b> Doug Crompton<br>
<b>Subject:</b> Re: [arm-allstar] Address to use SuperMon away from home network</font>
<div> </div>
</div>
<div>
<div dir="ltr">
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
Maurice,<br>
<br>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
A few points....<br>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
<br>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
Supermon and allmon are http applications and for them to work externally requires that port 80 tcp be forwarded in your router. Some providers do not allow outgoing port 80 from their customers although this is much less common than it use to be. If that
is the case the http port can be changed in the apache configuration. <br>
<br>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
In order to reach your system from a remote location you need to use the public IP address assigned to you by your provider. This is most often a dynamic address meaning it can change. You could check it using your allstar with a command - dns-query <yournode>
The problem is is could change. The answer is to use a free Dyndns so that you address your home system by a domain name rather than an IP address. This domain name is then converted to an IP address which follows any changes that might happen to it.
<br>
<br>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
All that being said be aware that the current allmon and supermon programs of any version are extremely insecure. It is very simple for a hacker to get into your system and your network if you open up ports to either of these programs. We are working on a fix
for that and it should be out in an update very soon. Until then I would NOT recommend opening your system to remote allmon or supermon.<br>
<div dir="ltr">
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
<br clear="all">
</div>
<div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_m_4019242399531290953gmail_signature">
<div dir="ltr">
<div>
<div><b><font size="4">73 Doug<br>
</font></b></div>
<b><font size="4">WA3DSP<br>
</font></b></div>
<b><font size="4"><a href="http://www.crompton.com/hamradio" target="_blank">http://www.crompton.com/hamrad<wbr>io</a><br>
</font></b></div>
</div>
</div>
</div>
<br>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_default" style="font-family:tahoma,sans-serif;font-size:small">
<br>
</div>
</div>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_extra"><br>
<div class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_quote">On Sun, Jan 28, 2018 at 12:58 PM, "Maurice Dake via arm-allstar"
<span dir="ltr"><<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a>></span> wrote:<br>
<blockquote class="m_2859778220410161227m_824714523076684070m_8307136307587778151x_gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div dir="ltr">
<div dir="ltr">
<div style="font-size:12pt;font-family:'Calibri';color:#000000">
<div>
<div style="font-size:small;text-decoration:none;font-family:"Calibri";font-weight:normal;color:#000000;font-style:normal;display:inline">
What address do I use to connect to my home node using SuperMon when away from my home network? I’ve tried to use the address listed in the Allstar registration but that doesn’t go any where.</div>
</div>
</div>
</div>
</div>
<br>
______________________________<wbr>_________________<br>
<br>
arm-allstar mailing list<br>
<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a><br>
<a href="http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar" rel="noreferrer" target="_blank">http://lists.hamvoip.org/cgi-b<wbr>in/mailman/listinfo/arm-allsta<wbr>r</a><br>
<br>
Visit the BBB and RPi2/3 web page - <a href="http://hamvoip.org" rel="noreferrer" target="_blank">
http://hamvoip.org</a><br>
</blockquote>
</div>
<br>
</div>
</div>
</div>
<br>______________________________<wbr>_________________<br>
<br>
arm-allstar mailing list<br>
<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a><br>
<a href="http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar" rel="noreferrer" target="_blank">http://lists.hamvoip.org/cgi-b<wbr>in/mailman/listinfo/arm-allsta<wbr>r</a><br>
<br>
Visit the BBB and RPi2/3 web page - <a href="http://hamvoip.org" rel="noreferrer" target="_blank">http://hamvoip.org</a><br></blockquote></div><br></div></div>
<br>______________________________<wbr>_________________<br>
<br>
arm-allstar mailing list<br>
<a href="mailto:arm-allstar@hamvoip.org" target="_blank">arm-allstar@hamvoip.org</a><br>
<a href="http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar" rel="noreferrer" target="_blank">http://lists.hamvoip.org/cgi-b<wbr>in/mailman/listinfo/arm-allsta<wbr>r</a><br>
<br>
Visit the BBB and RPi2/3 web page - <a href="http://hamvoip.org" rel="noreferrer" target="_blank">http://hamvoip.org</a><br></blockquote></div></div>
<br>______________________________<wbr>_________________<br>
<br>
arm-allstar mailing list<br>
<a href="mailto:arm-allstar@hamvoip.org">arm-allstar@hamvoip.org</a><br>
<a href="http://lists.hamvoip.org/cgi-bin/mailman/listinfo/arm-allstar" rel="noreferrer" target="_blank">http://lists.hamvoip.org/cgi-<wbr>bin/mailman/listinfo/arm-<wbr>allstar</a><br>
<br>
Visit the BBB and RPi2/3 web page - <a href="http://hamvoip.org" rel="noreferrer" target="_blank">http://hamvoip.org</a><br></blockquote></div><br></div>