Print

Please login or register.
1 Hour 1 Day 1 Week 1 Month Forever
Login with username, password and session length

[mwillems]

Although I do have port forwarding set up at the moment, for port 52199, in actual fact it's already set up so that all traffic is routed to only one IP address on my network. That address is the address of my main office PC - and I'm wondering if that's the source of my problem.

Let's say JRemote is only linked by access code to my small hi-fi PC. I try to reach the small PC with JRemote but the PC is switched off. So JRemote's next step is to try to locate it via the internet. On doing this, it reaches my home network via the internet and is directed via port 52199 to the only PC it can find, which is the main office PC. So it connects with that, and that's where all the confusion sets in.

Yes this is exactly what's happening.

Regardless, different port numbers is clearly the answer. Are you saying that one of the numbers MUST be 52199? Or can I use any numbers I like? Or are they in a range?

You can use any port you like, it's irrelevant.   I would advise, obviously, avoiding ports actively used by other programs on your computer, to avoid similar confusion to what you're currently experiencing. I would also advise avoiding using common port numbers (22, 80, 443, etc.), just so random port scanners aren't constantly pinging your computer. You had just expressed anxiety above about forgetting what the port numbers were set to if you had to reset your router, and 52199 is the default.

[richard-ec2]

That's wonderful - thank you so much - I will have fun playing with that!

Just one more question about ports generally, not specifically JRemote. There must be lots of people in the world with PCs on but unattended, and with port forwarding set up. What's to stop bad people accessing their PCs using randomly picked IP addresses and commonly used port forwarding codes? They wouldn't need a password if the PC was already on.

[mwillems]

Just one more question about ports generally, not specifically JRemote. There must be lots of people in the world with PCs on but unattended, and with port forwarding set up. What's to stop bad people accessing their PCs using randomly picked IP addresses and commonly used port forwarding codes? They wouldn't need a password if the PC was already on.

An answer in three parts:

1) Nothing is stopping bad people from trying to access PCs using random IP addresses and scanning common ports.  In fact this is constantly happening in an automated way every second of every day.  It's highly like that your home router has been portscanned in the past.  Mine gets several scans a month, sometimes more.

2) However, it's not as though a forwarded port on a computer means that the bad person instantly has access to your whole computer.  A specific program has to be listening on the specific port number.  If there is no program listening on the forwarded port number, there's very little a bad person can do.  If a program is listening on the port, the bad person can potentially try to interact with that program.  That could be bad or not so bad depending on what the program is.  But it's not as though your whole OS is immediately accessible through a forwarded port.

3) However, it's important that you protect any programs that are listening on forwarded ports so that intruders can't just do what they want, and to limit port forwards to what you actually need.  In MC you do this by turning on authentication and picking a strong password.  That way anyone trying to access MC via port 52199 would need to know (or crack) your password in order to access MC remotely.  It doesn't matter if MC is already on, all remote connections require the password.  JRemote stores the password for you, so you don't have to enter it everytime, but if you tried to connect with webgizmo or someone else's copy of JRemote you'd need to enter the password to get access.  Another good safety precaution is to avoid connecting to your home computer when using public wifi.  

So the important takeaways:

You should not open a port forward from the internet to MC without turning on authentication and setting a strong password!

You should also make sure that you know which programs are listening on any ports you choose to forward, and that you forward as few ports as you need to for the programs you want to use away from home.  Network security is a bottomless subject, and I'm not an expert, so take this with a grain of salt, or as tips from a fellow enthusiast. Consult a professional if you have more serious concerns.

[richard-ec2]

Well, that sounds like excellent advice and it's very kind of you to explain it so fully. I've learned a lot.

The worry perhaps would be less with JRemote than with a remote desktop app that would open up your whole computer to an intruder. At least these remote desktop apps require a password but even so.

Meanwhile I've set up both PCs with different ports and set up separate port forwarding for each of them on the router. It's all running very smoothly at the moment so hopefully you've heard the last from me, at least on this topic!

Many thanks again - for your patience as well your help.