Switching on a lightbulb from 360km away!

Yes, my friend Prasanna just did the same. He SSHed into my system from Chennai and switched on the CFL in my room 😀
Feels like the Big Bang Theory, except that it isn’t from all over the world 😀

I opened SSH access on my ADSL router. A lot of articles on the net helped me, but let me write this out, so that it is clear and in one place. And before any brilliant bruteforcers decide to track me down, yes, I have the openSSH fix and run Debian, which means all vulnerable keys have been eliminated.

Most routers support telnet:


[13:akarsh@PENGUIN$ www]$ telnet
telnet> o
(to) 192.168.1.1
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
BCM96338 ADSL Router
Login: admin
Password:

Once I login, I get this main menu on my router. Most routers have a very similar main menu if I amn’t mistaken.


Note: If you have problem with Backspace key, please make sure you configure your terminal emulator settings. For instance, from HyperTerminal you would need to use File->Properties->Setting->Back Space key sends.

Main Menu

1. ADSL Link State
2. LAN
3. WAN
4. DNS Server
5. Route Setup
6. NAT
7. Firewall
8. Quality Of Service
9. Management
10. Passwords
11. Reset to Default
12. Save and Reboot
13. Exit
->

If you want to setup a virtual server (which is like a proxy server running on the router that hands over all requests for a particular port on the router to a particular port on a particular system on the local subnet), choose option 6, Followed by 1.


Note: If you have problem with Backspace key, please make sure you configure your terminal emulator settings. For instance, from HyperTerminal you would need to use File->Properties->Setting->Back Space key sends.

Virtual Server Menu

1. Add
2. Remove
3. Show
4. Exit
/ NAT/Virtual Server ->

You can now setup virtual servers. This is my configuration (I hit option 3 to get this). The internal IP of my system on our local subnet is 192.168.1.5. The config basically tells the router to forward all requests on port 80 (http) and port 22 (ssh) to 192.168.1.5:80 and 192.168.1.5:22 respectively on the local subnet.


Virtual Server Show

Server Name Proto. External Start External End Internal Start Internal End Server
Port Port Port Port IP Address
http TCP 80 80 80 80 192.168.1.5
ssh TCP 22 22 22 22 192.168.1.5

You will also have to set up the firewall to allow incoming packets on these ports. That’s option 7 (Firewall) on my router’s main menu, followed by option 1 (IP Filtering), followed by option 2 (Incoming).

Prasanna and I also played ‘alsamixer’ on his system. It’s real fun to be able to do what we were once doing within the local intranet of the institute with a 360km gap in between!!

Advertisements