externally viewing your box - warning

[driver_wedge]

driver-wedge you will also have to reset your routers dmz if you have been messing around with that. Thats the culprit.

Cheers Kiddac. I didn't actually enable dmz in the first place, but have since had a look into it. Basically, I don't know what I'm doing, so will leave well alone for now. I thought it may have been a good way of accessing the boxes that I set up for some friends when something needs tweaking or updating. I'll spend a bit more time looking into everything before I start messing again.

 

[chriscarey70]

I'm sacking off external. I only really want the option of web if for multi room via kodi anyway thanks for the wanting kiddac

Sent from my HTC One M9 using Tapatalk

Download dream epg on ur android box via playstore.
Its a great app

 

[lilvfr400boy]

. Can u help pls kiddac removed a password from my box via deleting the actual password file which means I'm fine logging into box on most things ftp etc but cannot set a new password for some reason ? Done before no probs do no what to do with this tho

Sent from my HTC One M9 using Tapatalk

 

[manoflard]

99% sure that you need to login via telnet or SSH to set a password (command is 'passwd')

 

[kiddac]

use putty software to telnet your box

 

[lilvfr400boy]

That's what is on screen pal I managed to sort mate I'd used the guide for deleting password by removing the letter in passwd file on box it never said replace with anything so I just assumed leave blank as shown in the guides pics you actually have to type 0 in the gap left or it won't work bloody rubbish guides lol

Sent from my HTC One M9 using Tapatalk

 

[lilvfr400boy]

I'd used telnet putty as suggested it's the only thing I use for passwd changes the problem is as 0 wasn't in place it couldn't put me into root user even when I log in , no idea why but sorted it now

Sent from my HTC One M9 using Tapatalk

 

[kiddac]

to be perfectly honest, I have absolutely no idea what you are talking about :)

 

[lilvfr400boy]

when u telnet a password it goes into etc/passwd the first line will be something like this root:b:0:0:root:/home/root:/bin/sh if u have set a password or the b wil be a huge line of encrypted text but whichever to remove a password you just need to delete the b or line of text then save the file. Unfortunately in every guide it says to save it like this root::0:0:root:/home/root:/bin/sh which causes the issue I showed above it needs to be root:0:0:0:root etc etc lol I've sorted external viewing to a stage where it works pretty good now thanks to ur guide on passwd

Sent from my HTC One M9 using Tapatalk

 

[dillyp70]

Had a little look into this myself quite scary that i could actually factory reset someones box change the password delete all the recordings practically anything i wanted to (i didnt by the way) just messed with the volume to p*ss them of before giving them the message to lock openwebif which they did so........ Mission accomplished. Must admit it did keep me entertained for abit.

 

[tcz009]

great info, thanks

---------- Post Merged at 03:42 PM ----------

great info, thanks

 

[diskos]

I dont know personally how the modified M3U works what i do know is some casual user just port scanning will not get in if you password and HTTP authentication

But it isn't casual users who are likely to find an open port. When they found mine, I located the source IP address to a data centre hosted in London which people can rent for a monthly fee. All they would do is run IP scanners en masse (and probably 24/7), and then have automated scripts to interrogate OpenWebIf. They don't need to crack your root password, nor will they be deterred by having HTTP authentication switched on - all HTTP authentication does is ask for a password when you log into the OpenWebIf web interface, but when you click on a channel, or programme, it generates an M3U file in the form of http://internalIP:8001/GUIDofChannel. Problem is, the so-called hackers can simply change the IP of the M3U files to your external IP address. This will then play their side with no authentication required. I've tested this myself using my own box and 2 different other broadband lines and confirm this works without any password being asked for. It's up to you really, If you feel safe enough, go for it...

thats very worrying - in addition to HTTPS + Authentication of WebIF + obviously the telnet password - is there anything else that one has to be aware of if opening the box for external viewing?

can one authenticate the m3u stream?

 

[Jaap2nv]

I presume you have to be on home network to use telnet?


Sent from my iPhone using Tapatalk

 

[bigguy283]

hi guys!
i have added a password now to my box using (putty)and changed the port, and turned on authentication on my zgemma
BUT now on my home pc connected directly to my router,i can no longer access openweb,but on my mobile phone i can using timote(using my new settings)
why can i no longer access my box via my pc?? do i have to change the 192.***.***.*** and add something to the line?
really confused now!!
als i can still filezilla my box and access it with my new password!!
thanks



my bad guys i sorted it! forgot to add port to login page!!

 

[steveuk23]

hi guys!
i have added a password now to my box using (putty)and changed the port, and turned on authentication on my zgemma
BUT now on my home pc connected directly to my router,i can no longer access openweb,but on my mobile phone i can using timote(using my new settings)
why can i no longer access my box via my pc?? do i have to change the 192.***.***.*** and add something to the line?
really confused now!!
als i can still filezilla my box and access it with my new password!!
thanks



my bad guys i sorted it! forgot to add port to login page!!

It may be the cache in the browser you're using remembering the old settings
Delete any saved passwords in your browser and empty the cache/temporary Internet files and try again
Ah forget all that just seen you've fixed it lol

 

[bigguy283]

my bad guys i sorted it! forgot to add port to login page!![/QUOTE]
It may be the cache in the browser you're using remembering the old settings
Delete any saved passwords in your browser and empty the cache/temporary Internet files and try again
Ah forget all that just seen you've fixed it lol[/QUOTE]


Thanks for reply, but yeah i forgot i also changed the port number on my box( thought this might add security)

 

[eazzzzzzzzzy]

Don't do it!! I done it and messed up my router and box. I had to reset the router and reflash the box.

 

[bigguy283]

Don't do it!! I done it and messed up my router and box. I had to reset the router and reflash the box.

its been done for days as i going away and want to access my box while away

it seems to be working fine, on my phone,laptop

 

[dowlinr]

Don't do it!! I done it and messed up my router and box. I had to reset the router and reflash the box.

It won't mess up your router by opening two ports (one for http and one for streaming). It also won't mess up your box if you telnet in to change a password. Just because you couldn't get it working doesn't mean it won't work for others.

 

[diskos]

Don't do it!! I done it and messed up my router and box. I had to reset the router and reflash the box.

It won't mess up your router by opening two ports (one for http and one for streaming). It also won't mess up your box if you telnet in to change a password. Just because you couldn't get it working doesn't mean it won't work for others.

is it possible to password protect the stream with the method that you suggest? - else the streams are unsecure and can easily be hacked.