Port/Forwarding - NAS Drive - FTP - Questions - Default DMZ Server

dibbers

dibbers

Premium Member
Premium Member
Joined
May 18, 2005
Messages
11,797
Reaction score
1,387
Location
Ipswhich
Hi Guys,

OK got a Nas drive and it's connected to my router (ip address of NAS is 192.168.2.2) i have an Internet connection to the router as well.

OK Question, got it all working and can access the NAS drive HTTP and also FTP - (from the Internet) but I've had to enable the below in the router and put the IP address of the NAS drive in default DMZ server.....

Default DMZ Server

Specifying a Default DMZ Server allows you to set up a computer or server that is available to anyone on the Internet for services that you haven't defined. There are security issues with doing this, so only do this if you're willing to risk open access. If you do not assign a Default DMZ Server, the router discards any incoming service requests which are undefined.

To assign a computer or server to be a DMZ server:

Click the Default DMZ Server check box.
Type the IP address for that server.
Click Apply.


So i'm wondering if that's ok and the correct way to do it.....or should i be messing around with port forwarding etc.
 
Last edited:
By putting the NAS in the DMZ you are basically disabling the firewall feature of the router allowing public IP addresses (anyone on the Internet) access to all ports that the NAS device has open (has a service running on it) NAS devices by default allow network share access which is never a good thing to allow access via the net.

This is never a good idea and generally should only be used by devices you know inside out.

For that reason you should pin hole your firewall (Port forwarding) and allow just the services you want to allow to the NAS device from the Internet / WAN.

In the example you have given (FTP) you just need to add port 21 as a port forward rule to 192.168.2.2. As a side note, only do this if you are not hosting any other FTP services.

One way to demonstrate this is by using Shields-up - from your computer with the NAS in the DMZ (as you currently have it) run this https://www.grc.com/x/ne.dll?bh0bkyd2 and select "All Service Ports".

Then run the same test again after you have added the port forward rule for FTP and you will see what I am trying to get at :)

It's a good way to grasp the basics of firewalling. I hope that helps you :)

If you have problems with adding the port forward rule to your router then use this website: http://portforward.com/
 
Last edited:
I agree with @Timbo (Top Post) the minimum amount of ports open to the outside world the better for security.

You could also limit External IP Addresses To Known IP Addresses that can access those ports for extra security.
 
been trying the old port forward and for some reason just can't get access if i have disabled DMZ, how ever i have only allowed access to the nas server 192.168.2.2 and have ran the following test on the lap top....(have VNC running) and have these results

GRC Port Authority Report created on UTC: 2009-09-04 at 19:48:12

Results from scan of ports: 0-1055

0 Ports Open
10 Ports Closed
1046 Ports Stealth
---------------------
1056 Ports Tested

NO PORTS were found to be OPEN.

Ports found to be CLOSED were: 0, 1, 2, 3, 4, 5, 6, 7, 8, 9

Other than what is listed above, all ports are STEALTH.

TruStealth: FAILED - NOT all tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.


then on this main computer i have

GRC Port Authority Report created on UTC: 2009-09-04 at 19:44:58

Results from scan of ports: 0-1055

0 Ports Open
0 Ports Closed
1056 Ports Stealth
---------------------
1056 Ports Tested

ALL PORTS tested were found to be: STEALTH.

TruStealth: PASSED - ALL tested ports were STEALTH,
- NO unsolicited packets were received,
- NO Ping reply (ICMP Echo) was received.

so i guess i pass then!

Thanks for a top post mate.....brillaint!

oh and ofcourse i've created a No-IP so i'm only giving out a name and not a ip address!

Thanks again man
 
Hi

Sorry to jump on this topic but I see it has been resolved and my questions relate to this topic so am hoping someone out there can help.

Am confused regards routers and everything they are capable of doing.

I will be upgrading my OS to windows 7 and my adsl card will not work in Windows 7 so have purchased a router which is connected to my PC.

My PC has an external hard drive caddy which I currently have xampp installed and running with one of those sites offering free domain name forwarding (similar to no-ip)

originally when I installed xampp I found somehow that a lot of email was being sent by various people from my mail server (no one else has access to my mail server) so I diisabled mail server from running as well as ftp.

My question is that if I purchased NAS drive and connected to router would I require xampp (or other similar software) to be installed on NAS drive so that I can have a 'website' on the NAS drive (website also requires mySQL databases and php which all come in xampp) ?

I would also like to leave router/NAS drive switched on 24/7 so website can be accessed by anyone who visites the url without having to leave my PC on 24/7 (currently if I want my website accessed 24/7 then I have to leave my pc on as my website is on my external hard drive caddy.

Another reason for having a 'server' on NAS drive is so it free's up some PC resources

Maybe I am out of my depth and should not bother with NAS drive and just stay as I currently am ?

So any help/suggestions would be greatly appreciated.

Apologies if question sound daft but this is a new area for me and would like to be certain that NAS drive is the route to go before purchasing
 
yeah all sounds good mate, but to be honest i'd host your site some where other than your nas drive, everything that you want i.e setting up your site from the nas can be achived bu to be honest you'd be much better off hosting it some where that has a good download/upload speed other than your ADSL or cable connection.

Web Hosting, Domain Names Northern Ireland | BigWetFish Hosting

something like this, there are millions of hosting sites that offer front and back end hosting and settings and that and your web wite will also have storage space etc and pages will load super fast.

Imagine your downloading and uploading at the same time some one is browsing your site then your end user experiance will be slow and frustrating.

NAS drives are good if you have a super duper upload, but for the UK at the moment it's like 76 k max and that is really is poor for web sites.

get a nas drive if you want to host some files and not leave your pc on when your away from home but for hosting a web site and that i wouldn't bother mate..

this is also a good site mate should you still want to host...

DIYwebserver - build and run your own webserver from home dsl broadband connection using windows, apache, IIS, FTP, email server and more


good luck
 
site wouldn't really be a website' as such ... I use my current website for creating ipb forum skins so it would be used for that purpose only (99.9% of time I would be the only one viewing ... odd occasion for customer to view progress of their skin)

By using NAS drive then I would not have to leave pc on 24/7 and customer can view their skin anytime they want instead of as I currently have it which is when my PC is on, which can be a pain to cutomer if they are not in UK due to time zone differences.

Would I require the xampp or similar software installed on NAS drive or do routers not require this for displaying web pages/php/mySQL etc
 
You must log in or register to reply here.

Similar threads

G
Sharing a Common SSD
Replies
15
Views
499
grassland
G
alimac
    • Like
Symantec Endpoint Protection 14.3.4615.2000
Replies
0
Views
1K
alimac
alimac
alimac
    • Like
File Sharing Pro v3.1.2.30
Replies
0
Views
290
alimac
alimac
alimac
    • Like
VeePN.com VPN and Proxy for 6 months for free (unlimited traffic)
Replies
3
Views
860
silverdale
silverdale
N
Corrupt database - recovery suggestions?
Replies
2
Views
954
LightUser
L
Back
Top