Hello kids! The AngryNetworker here, and today, I’m angrier than usual. Angry at myself! Let me tell you about my day: I’m sitting around counting my money (pennies, I had $13.42 and one cent in Canadian loonies) while watching random junk on my home theater system (huge HD projector set up, very sweet [actually 7” LCD on the wall of my cardboard box]) when all of a sudden my video window closes, a run dialog pops up, and text starts getting typed in!! What in the world is going on! Surely Satan has come forthwith to drive me insane and make me kill Saman.

So immediately I jump up and rip the network cable out of the wall – I mean seriously rip; I pulled a chunk of dry wall out. Of course I blamed this on my cat, which I later realized no one else is really going to care about and I’m going to have to fix the stupid hole myself anyways.

While I slopped putty on my wall, I began to ponder what sin I committed, or who I pissed off enough to play a crazy prank on me. I start canceling out possibilities. I know from the start it’s not a virus or ad-ware. I know this because I just installed the OS, and I never browse the internet with this machine; all videos came from another machine and have been scanned. Basically the whole purpose of the box is to tickle my funny bone, or fill my cardboard box with rhythmic beats that annoy others while numbing me to the failings of the human race.

After some brainstorming I realize that two specific events fell into place, allowing my box and network to be easier to access than that guy Derek after he’s had a few drinks!

First:

I hope by now, all of you know about Remote Desktop. I mean, you have to be an idiot to not know that you can interact with another desktop from a remote computer, but then again, some people are using hubs.

Back in the mid 90s, when internet speeds were reaching a blazing 9600bps/14.4kbps (that’s BITS per second, not BYTES!) a software package came out called PC-Anywhere. While not the first, and definitely not the only one, packages such as this began to mainstream the idea and practice of visually controlling a computer via a remote machine. Today Windows XP comes with ‘Microsoft Software Terminal Services Connection’ or mstsc.exe from the run command. This software allows you to remotely log into another machine, and acts as if you are actually sitting at that machine! So basically, it brings the desktops to you! Oh my god, it’s absolutely amazing, like a gift from heaven, making life all easy for us lazy people!

Of course, mstsc sucks. So there are endless packages out there that also do remote desktop-ing (new word, deal with it JP). My choice is RealVNC. I like it because it is a small package, password controlled, doesn’t log out the current user, and has more quality options for varying network speeds including the configuration of ports.

However, as with any LAN network, you can’t immediately connect to a LAN computer from outside the LAN (i.e. connect to my computer from a computer on the internet) if you are using a router.

Second:

Ok I’m going to do a QUICK simple overview because if I began explaining everything, it would make your mind melt through your ears and your eyeballs will go through your nose! Seriously, I’ve seen it happen.

  • There are a finite number of IP addresses available to the world. This is because IP addresses consist of 4 octets (4 sets of 8 bits), and there can only be so many combinations.
  • Your LAN is using a PRIVATE IP address. These are commonly 10.x.x.x or 192.168.x.x addresses which are not routed over the internet.
  • The internet uses PUBLIC IP addresses
  • To make life easier, a router takes a whole bunch of private IP addresses and shoots them out over a single public IP address.
  • Routers have gnomes inside them that remember what IP address the data is coming from and going to.
  • Cisco does not feed their gnomes

Now that that’s done let’s talk about Port Forwarding:

  • Allows specific ports to be directed straight to a specified computer
  • Makes your computer ‘visible’ on the internet on that specific port
  • Can be a security risk when left open
  • Lets you play games that may be blocked by a router

For example, I have a web server. HTTP works on port 80. As I am not idiotic enough to make my web server part of a DMZ (de-militarized zone, I kid you not) I specify that any traffic coming to my router requesting port 80 will go directly to my web server.

So guess what I did in what must’ve been my brightest moment, so bright it looked like an exploded supernova slowly fading in the night sky (Chinese history speaks about a supernova which exploded so close to earth that it could be seen day and night for a year).

Well I previously logged into my computer from the office, but then I quit and my office is now at home (I’m jobless), so I forgot all about the forwarded port. Also, I used to have a password on my VNC server, but because I was going to be logging in from home, I figured I’d do the lazy thing and not set a password when I reinstalled the application.

Add one part open port with 2 parts unsecured and accessible VNC server = you are an IDIOT!

Cook for 2 days and you get some jerk that logged into my computer and was doing whatever they wanted. I lost my entire music collection! Why they would delete it I don’t know, maybe it was the RIAA.

The moral of the story? Don’t be an idiot! Monitor the ports you are forwarding, and put a password on your freaking machines. Don’t be stupid like I was, the easy way is not always the best. And that fact drives me insane!!!
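Here is that moral as a check you can run against your own gear. This is an added example, not part of the original post: it goes through a router's forward table looking for forwards nobody uses anymore and for remote desktop ports facing the internet, and it reads the opening bytes a VNC server sends (VNC speaks the RFB protocol, where security type 1 means "None") to see whether the box asks for a password at all. The function names, the 192.168.1.x hosts, the forward table and the captured greeting are constructed for illustration, and 5900 and 3389 are the default VNC and RDP ports.

```python
import struct

REMOTE_DESKTOP_PORTS = {5900: "VNC", 3389: "RDP"}  # well-known default ports
SEC_NONE = 1  # RFB security type 1 = "None": the server asks for no password


def rfb_security_types(server_bytes):
    """Parse the first bytes a VNC (RFB) server sends: a 12-byte version
    line such as b'RFB 003.008\\n', then the security types it accepts."""
    version, rest = server_bytes[:12], server_bytes[12:]
    if len(version) != 12 or not version.startswith(b"RFB ") or not version.endswith(b"\n"):
        raise ValueError("not an RFB greeting")
    major, minor = int(version[4:7]), int(version[8:11])
    if (major, minor) < (3, 7):
        # RFB 3.3: the server picks one type and sends it as a 32-bit integer
        if len(rest) < 4:
            raise ValueError("truncated security message")
        return [struct.unpack(">I", rest[:4])[0]]
    # RFB 3.7 and 3.8: a count byte, then that many one-byte type codes
    if not rest or len(rest) < 1 + rest[0]:
        raise ValueError("truncated security message")
    return list(rest[1:1 + rest[0]])


def audit_forwards(forwards, still_needed, greetings):
    """Return (external_port, finding) pairs for a router's forward table."""
    findings = []
    for ext_port, host, int_port in forwards:
        if ext_port not in still_needed:
            findings.append((ext_port, "stale forward, remove it"))
        if int_port in REMOTE_DESKTOP_PORTS:
            findings.append((ext_port, REMOTE_DESKTOP_PORTS[int_port] + " reachable from the internet"))
        greeting = greetings.get((host, int_port))
        if greeting and SEC_NONE in rfb_security_types(greeting):
            findings.append((ext_port, "VNC server accepts connections with no password"))
    return findings


# Constructed sample data: forward table as (external port, LAN host, LAN port)
FORWARDS = [(80, "192.168.1.10", 80), (5900, "192.168.1.20", 5900)]
STILL_NEEDED = {80}  # the web server is still in use, the office login is not
# Constructed capture of what the VNC box sent when connected to from the LAN
GREETINGS = {("192.168.1.20", 5900): b"RFB 003.008\n\x01\x01"}

if __name__ == "__main__":
    for port, finding in audit_forwards(FORWARDS, STILL_NEEDED, GREETINGS):
        print(port, finding)
```

With the sample data the web server forward passes clean and the forgotten VNC forward collects all three findings, which is exactly the recipe above.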

Ok, this bores me, I’m off to solve another problem!

–AJ, your local AngryNetworker
Note: I didn’t go into all the specifics, and I’m sure I might’ve missed something useful, but that’s why Google was created!