# Do you have to be mad to expose tivo to the internet?



## laurence (Jun 17, 2007)

I'd like to be able to access tivoweb over the internet but I don't have a PC I can leave on in the house. So I'd like to set up port forwarding on my router to a non-standard port on tivo.
I know the simple answer is yes, you have to be mad - but with a non-standard port, a long complex username and password is it relatively safe?
Has anyone had any bad experiences? Or, has anyone done this successfully?
Thanks in advance for your thoughts!


----------



## TCM2007 (Dec 25, 2006)

Operated that way for years, as have many others on here. No recorded problems.


----------



## 6022tivo (Oct 29, 2002)

I also have.

People would have to know the IP, the port forwarding number you used, and your tivoweb password and username.


----------



## cwaring (Feb 12, 2002)

TCM2007 said:


> Operated that way for years, as have many others on here. No recorded problems.


Yep. Same here. No problems at all.


----------



## Pete77 (Aug 1, 2006)

Three years of Tivo on the web here with a longish hard to guess user name and password and no problems. Directly attached to my router with a long cable.

I also made my port for Tivo 443 (which is generally used by https traffic but also supports http used by Tivoweb) and my httpd access log for the Tivo then showed far less occasional hits from other IP addresses on 443 than if it was on port 80.

You can also make it easy to remember how to access your Tivo when you are away (IP numbers are damned hard to remember) by setting up a forwarding domain for your IP address at www.dyndns.com They can also handle dynamic IP addresses if you are unfortunate enough to be with one of the rubbish ISPs like TalkTalk or Tiscali that doesn't give you a static IP address. All that is needed is for your router to have dyndns support (most more recent ones do have this).


----------



## iankb (Oct 9, 2000)

Pete77 said:


> I also made my port for Tivo 443 (which is generally used by https traffic but also supports http used by Tivoweb) and my httpd access log for the Tivo then showed far less occasional hits from other IP addresses on 443 than if it was on port 80.


Personally, I wouldn't use a port number below 1,000, and always use one above 10,000. Most port scanners would give up above 1000, since they are far more likely to find another machine to attack successfully than uncover (say) a 5-digit port number on yours.


----------



## Pete77 (Aug 1, 2006)

iankb said:


> Personally, I wouldn't use a port number below 1,000, and always use one above 10,000. Most port scanners would give up above 1000, since they are far more likely to find another machine to attack successfully than uncover (say) a 5-digit port number on yours.


The problem with that strategy is that many internet cafes and other such places, not to mention office networks, block access through all but the standard ports (80, 8080, 443 etc) so you are then unable to access Tivoweb in many different places if you are travelling.

I went for the best compromise that meant I could still access Tivoweb almost anywhere but have more security than with Port 80.

And yes of course I realise that entering any username and password in an internet cafe is a very risky strategy but its a risk I'm more prepared to take with Tivoweb (very unlikely to be hacked in any case as a little known application of little interest to web fraudsters) than with my online bank account!


----------



## AMc (Mar 22, 2002)

Pete77 said:


> All that is needed is for your router to have dyndns support (most more recent ones do have this).


You can get a hacked Tivo to do this, a poster called ciper helped me to do it for mine and it works very well with dynamic IP addresses. You'd need to look in the other place for the step by step installation.


----------



## Pete77 (Aug 1, 2006)

AMc said:


> You can get a hacked Tivo to do this, a poster called ciper helped me to do it for mine and it works very well with dynamic IP addresses. You'd need to look in the other place for the step by step installation.


Why bother though when any decent ISP worth actually being with and offering decent download speeds at all times with no throttling always offers a static IP address free of charge. eg:-

www.adsl24.co.uk

See www.dslzoneuk.net/isp_ratings.php for decent vs rubbish ISPs.


----------



## TCM2007 (Dec 25, 2006)

If you've got a static IP, doesn't it come with a name too? A decent ISP (  ) like PlusNet certainly does this, resolving your IP from [username].plus.com


----------



## laurence (Jun 17, 2007)

Thanks loads for all the advice. Can't wait to start setting recordings when I'm bored at work!


----------



## Pete77 (Aug 1, 2006)

TCM2007 said:


> If you've got a static IP, doesn't it come with a name too? A decent ISP (  ) like PlusNet certainly does this, resolving your IP from [username].plus.com


Then what happens if you ever leave Plusnet? Answer you are stuffed.

I prefer to keep my email and domain names separate from my ISP so I can move ISP whenever I want.


----------



## dvdfever (Jun 2, 2002)

[email protected] said:


> I'd like to be able to access tivoweb over the internet but I don't have a PC I can leave on in the house.!


Why, does it get up to mischief while you're out? I leave mine on while I'm out as that's the best time to download stuff (as well as when I'm asleep) rather than when I'm trying to use it.


----------



## Pete77 (Aug 1, 2006)

dvdfever said:


> Why, does it get up to mischief while you're out? I leave mine on while I'm out as that's the best time to download stuff (as well as when I'm asleep) rather than when I'm trying to use it.


Doesn't do very much for your electricity bill though. Also laptops have a nasty habit of frying themselves if left on 24/7.


----------



## dvdfever (Jun 2, 2002)

Pete77 said:


> Doesn't do very much for your electricity bill though. Also laptops have a nasty habit of frying themselves if left on 24/7.


I don't leave my laptop on, but my 2 main PCs are, since it's just easier (in the case of the 2nd one as I don't use it as much). As for electricity bill, my bedside clock's always plugged in, as is my VCRs, TiVo, Freeview and Sky boxes, fridge/freezer, boiler, so in the grand scheme of things it's not a problem.


----------



## laurence (Jun 17, 2007)

dvdfever said:


> Why, does it get up to mischief while you're out? I leave mine on while I'm out as that's the best time to download stuff (as well as when I'm asleep) rather than when I'm trying to use it.


No - I fried my motherboard so I've just got a laptop that I take to work. My PC was v noisy anyway so I wouldn't have wanted to leave it on.


----------



## TCM2007 (Dec 25, 2006)

Pete77 said:


> Then what happens if you ever leave Plusnet? Answer you are stuffed.


If by "stuffed" you mean "remember your new address" then I guess so. I can sleep at night with that risk looming over my I think.


----------



## dvdfever (Jun 2, 2002)

[email protected] said:


> No - I fried my motherboard so I've just got a laptop that I take to work. My PC was v noisy anyway so I wouldn't have wanted to leave it on.


The latter is most likely down to the PSU and/or the CPU fan, so replacing both of them would be fairly cheap. Then again, I like mine on all the time as I also use them all the time while I'm in, and I rely on it as often as I rely on my TiVo


----------



## itm (Aug 12, 2001)

I'm sure I'm missing something really obvious here...I've just set up my tivoweb config file as below. I can access it on port 8080 from the LAN but not from the internet. I have port forwarding enabled on my internet router for port 8080 to the Tivo, and have no problems with other port forwards from the internet (e.g. to my IP camera, router admin console, etc). I have even tried using a "known" forwarded port on the router for the Tivo, and this doesn't work either - i.e. switching it from the IP camera to the Tivo temporarily. It'll forward to the IP camera, but not to the Tivo.

???

UserName = 
Password = 
Port = 8080
Prefix =
Theme =
DescriptionHover = 1
MultiDelete = 1


----------



## TCM2007 (Dec 25, 2006)

You restarted TW after changing the file?


----------



## itm (Aug 12, 2001)

TCM2007 said:


> You restarted TW after changing the file?


yes - did a "full reload"


----------



## TCM2007 (Dec 25, 2006)

I'm not sure it that reloads the config file or not. Might be worth Stopping TW and manually restarting it.


----------



## laurence (Jun 17, 2007)

I'd read somewhere that if you add a prefic in tivoweb.cfg it would require you to enter that prefix at the end of the url. Have tried it and restarted tivoweb but it doesn't seem to make any difference. Doesn't really matter, but does anyone know why?


----------



## TCM2007 (Dec 25, 2006)

IIRC the prefix stuff means that you can add a prefix and it will work,. but so will the original unprefixed version.


----------



## laurence (Jun 17, 2007)

TCM2007 said:


> IIRC the prefix stuff means that you can add a prefix and it will work,. but so will the original unprefixed version.


Ahh, thought it might be a way of adding an ounce of security. Thanks for the info.


----------



## Pete77 (Aug 1, 2006)

[email protected] said:


> Ahh, thought it might be a way of adding an ounce of security. Thanks for the info.


Long username and password and a port number other than 80 is the main way to achieve that.

In practice no one seems to have had a probem as there is no money to be made out of illegally accessing a Tivo. Plus also its operating system is not Windows so spambots etc are not expecting to meet that environment.


----------



## ciper (Nov 4, 2004)

Pete77 said:


> Long username and password and a port number other than 80 is the main way to achieve that.


Why not add port triggering on top of it? That would make it extremely unlikely to ever be found.


----------



## Pete77 (Aug 1, 2006)

ciper said:


> Why not add port triggering on top of it?


What do you mean by "port triggering"?


----------



## wdpower (May 22, 2005)

Ok, I'm afraid to ask cause it's a dumb question. What is TiVoWeb? Everything I can see makes it look like an old out dated thing.


----------



## ciper (Nov 4, 2004)

There are outdated forks of the software but version 2.1 is actively being developed as we speak. Most of the discussion takes place on the other forum in the development section.


----------



## Tim L (Jan 5, 2002)

Pete77 said:


> What do you mean by "port triggering"?


I guess he means this:
http://en.wikipedia.org/wiki/Port_triggering

As I understand it, using that would mean you wouldn't be able to connect to TivoWeb at all, which I suppose is some form of security.


----------



## cwaring (Feb 12, 2002)

wdpower said:


> Ok, I'm afraid to ask cause it's a dumb question. What is TiVoWeb? Everything I can see makes it look like an old out dated thing.


Maybe so, but it's as "up-to-date" as our aging Tivos can get


----------



## wdpower (May 22, 2005)

But the question is, What is it?


----------



## ciper (Nov 4, 2004)

Tim L said:


> I guess he means this:
> http://en.wikipedia.org/wiki/Port_triggering
> 
> As I understand it, using that would mean you wouldn't be able to connect to TivoWeb at all, which I suppose is some form of security.


LOL no that is not what I meant. I meant to only forward the telnet port inwards to the Tivo then if you want access to FTP or Tivoweb it gets triggered by sending outbound traffic on a certain arbitrary port.


----------



## Tim L (Jan 5, 2002)

ciper said:


> LOL no that is not what I meant. I meant to only forward the telnet port inwards to the Tivo then if you want access to FTP or Tivoweb it gets triggered by sending outbound traffic on a certain arbitrary port.


I'm not sure I follow.


----------



## Pete77 (Aug 1, 2006)

wdpower said:


> But the question is, What is it?


Well if you can't operate Google are you sure you are ok with your Tivo remote control?

Question is how did someone from Palm Beach who doesn't know what Tivoweb is happen to accidentally stray in to the Tivo UK web forum section?


----------



## Pete77 (Aug 1, 2006)

ciper said:


> LOL no that is not what I meant. I meant to only forward the telnet port inwards to the Tivo then if you want access to FTP or Tivoweb it gets triggered by sending outbound traffic on a certain arbitrary port.


I presume you are talking of Orenosp gotomypc and other similar solutions which require running the port forwarding software on a PC attached to your router and it then forwarding https authenticated traffic on the secure server to the Tivo.

The point is thought that's a lot more hassle and expense in 24/7 electricity than the simple method and in the real world has not proven to be necessary.


----------



## verses (Nov 6, 2002)

wdpower said:


> But the question is, What is it?


There's a Wiki page about it here

In fact there's a link at the bottom of that page to a live demo that lets you play around with its various menus.

Cheers,

Ian


----------



## wdpower (May 22, 2005)

Pete77 said:


> Well if you can't operate Google are you sure you are ok with your Tivo remote control?
> 
> Question is how did someone from Palm Beach who doesn't know what Tivoweb is happen to accidentally stray in to the Tivo UK web forum section?


I'm sure I can figure out the remote as soon as you pull it out of your @$$. Didn't know we weren't allowed to look at other posts, please excuse me while I return to my American posts.



verses said:


> There's a Wiki page about it here
> 
> In fact there's a link at the bottom of that page to a live demo that lets you play around with its various menus.


Thank you, I had looked at the Wiki page I had missed that link. From what I could see it was a program that let you do a little more than the TiVo website does, with on-line scheduling.


----------



## TCM2007 (Dec 25, 2006)

wdpower said:


> I'm sure I can figure out the remote as soon as you pull it out of your @$$.






> Thank you, I had looked at the Wiki page I had missed that link. From what I could see it was a program that let you do a little more than the TiVo website does, with on-line scheduling.


We only have S1 TiVos here, which don't have any web features unless you hack them in.


----------



## TCM2007 (Dec 25, 2006)

Pete77 said:


> I presume you are talking of Orenosp gotomypc and other similar solutions


No, he's talking about port triggering, like he said.

You open port A for port triggering. If you access that port from outside the firewall, then it opens port B in the firewall and you can then use port B to get access to the TiVo. Port A gives no access to anything; it just provides the trigger point.

The point being, as I understand it, that a port scanner won't find port B, as it's not open until you trigger it by hitting port A.

Maybe you should learn to use Google.


----------



## verses (Nov 6, 2002)

TCM2007 said:


> We only have S1 TiVos here, which don't have any web features unless you hack them in.


Good point, as we only have the S1 TiVo, fresh out of the box it only offers advanced TV recording. Any fancy features (in the S1 world, browser access is considered fancy ) have to be 'hacked' onto them.

Cheers,

Ian


----------



## wdpower (May 22, 2005)

TCM2007 said:


> We only have S1 TiVos here, which don't have any web features unless you hack them in.


Thank you, that's what I was looking for. I never experienced an S1 so I was unaware that they did not have the functionality.

-Bill


----------



## martink0646 (Feb 8, 2005)

Pete77 said:


> Well if you can't operate Google are you sure you are ok with your Tivo remote control?
> 
> Question is how did someone from Palm Beach who doesn't know what Tivoweb is happen to accidentally stray in to the Tivo UK web forum section?


Ah Pete....winning friends & influencing people..............again?


----------



## PaulWilkinsUK (Mar 20, 2006)

Pete77 said:


> Well if you can't operate Google are you sure you are ok with your Tivo remote control?
> 
> Question is how did someone from Palm Beach who doesn't know what Tivoweb is happen to accidentally stray in to the Tivo UK web forum section?


Oh Pete... good effort on world relations!


----------



## Pete77 (Aug 1, 2006)

martink0646 said:


> Ah Pete....winning friends & influencing people..............again?


As you clearly realise this is a skill that takes many years of patient practice to perfect.

The point is that the post was gratuitous in that this person has no need of Tivoweb themselves and then simply bumbled in to our Tivo UK forum section apparently solely in order accuse Tivoweb of being old fashioned, rather than seeing it as the bleeding edge developmentit clearly is in the context of our UK service where Tivo forces us to stick with the S1 machines. Any vague use of Google or reading more popular threads in the UK forum section would have made this obvious.

The post is subliminally coded in a "hey let me just ask this incredibly dumb questions as though its something clever just because I am too lazy to bother to research my question on Google before seeing if it is worth posting" type format. This is why it got a negative response. There are ways the question could have been asked in a more constructive and non annoying style that would have promoted a more positive response.


----------



## Pete77 (Aug 1, 2006)

PaulWilkinsUK said:


> Oh Pete... good effort on world relations!


Its a pity that I couldn't attend in person at the Boston Tea Party.

But in all seriousness I like to interact with our American cousins and compare notes on the differences between our customs and theirs (Tivo and otherwise) as much as the next man.

However what has always set me off a little about US culture is those Americans who simply fail to realise that the rest of the world actually exists and is capable of being different to life over in the US. This appeared to be an example of this particular phenomenon.

For instance would any Tivo UK member ever set foot in a US Tivo forum section without being well aware of the significant differences between UK and US Tivo service and therefore making any post in the light of that particular fact? I suspect not......................


----------



## cwaring (Feb 12, 2002)

Pete77 said:


> The point is that the post was ....


How the heck did you come to that conclusion? I think you were the only one


----------



## Tim L (Jan 5, 2002)

Pete77 said:


> There are ways the question could have been asked in a more constructive and non annoying style that would have promoted a more positive response.


The same could be said about the answer.


----------



## wdpower (May 22, 2005)

Tim L said:


> The same could be said about the answer.


I would agree. But some are more willing to accept that maybe searches have been done and to no avail and simply answer a simple question with a simple answer. And I humbly thanked him, I shall then chock this one up to my own ignorance.


----------



## Tim L (Jan 5, 2002)

wdpower said:


> chock


The word is chalk. 

Interestingly if your location didn't say you were in America, it could probably be deduced from that mistake - chalk and chock don't sound that similar in most UK accents (maybe in Irish?).


----------



## wdpower (May 22, 2005)

Thank you for the correction, I was still sleeping at that time, no coffee yet. I'll just blame my Irish ancestors. 

Now I guess if I may ask with out flaming, why don't you have newer TiVo's? I would guess if you can get scheduling info on one why not all?


----------



## Tim L (Jan 5, 2002)

wdpower said:


> Thank you for the correction, I was still sleeping at that time, no coffee yet. I'll just blame my Irish ancestors.
> 
> Now I guess if I may ask with out flaming, why don't you have newer TiVo's? I would guess if you can get scheduling info on one why not all?


Because nobody makes any Tivos for the UK, which uses a different TV system to the USA.


----------



## ColinYounger (Aug 9, 2006)

TiVo abandoned us. 

Please ignore Pete77 - he's our resident grump.


----------



## Pete77 (Aug 1, 2006)

wdpower said:


> Now I guess if I may ask with out flaming, why don't you have newer TiVo's? I would guess if you can get scheduling info on one why not all?


A Google search for *Tivo "series 3" UK "not available" *returns the following hits:-

http://www.google.co.uk/search?hl=e...eries+3"+uk+"not+available"&btnG=Search&meta=

I am far from being a forum member who suggests people use Search for everything in the forum and I often provide quick helpful answers to forum members who have had their Tivo break down and urgently need to know where or how they can get it fixed.

However this case is a bit different in that the question is still just being asked for the sake of being asked, that is not in any way relevant to the questioner's own successful Tivo use, and where numerous easy to find web resouces to answer the question fully already exists (if the questioner is really interested in what goes on with Tivos outside the USA which I to some extent still rather doubt).


----------



## Tim L (Jan 5, 2002)

Oh come on Pete - we're just having a neighbourly chat over the fence.


----------



## BrianHughes (Jan 21, 2001)

Pete77 said:


> Its a pity that I couldn't attend in person at the Boston Tea Party.
> ....


We wish you could have attended too. I suspect you would have joined the tea in Boston harbour


----------



## TCM2007 (Dec 25, 2006)

Pete77 said:


> the question is still just being asked for the sake of being asked, that is not in any way relevant


----------



## ColinYounger (Aug 9, 2006)

That kettle ain't the right color!


----------



## PaulWilkinsUK (Mar 20, 2006)

Now thats funny !! HAHAHAHAHA...


----------



## cwaring (Feb 12, 2002)

ColinYounger said:


> That kettle ain't the right color!


I was just thinking the same thing


----------



## Raisltin Majere (Mar 13, 2004)

Pete77 said:


> A Google search for *Tivo "series 3" UK "not available" *returns the following hits:-
> 
> http://www.google.co.uk/search?hl=e...eries+3"+uk+"not+available"&btnG=Search&meta=
> 
> I am far from being a forum member who suggests people use Search for everything in the forum and I often provide quick helpful answers to forum members who have had their Tivo break down and urgently need to know where or how they can get it fixed.


You simply regurgitate other people's advice. Those same people would still be around to offer that advice if you weren't here. Even your incredibly rude "google" comment was a slight variation on a post somebody else directed at you.


Pete77 said:


> However this case is a bit different in that the question is still just being asked for the sake of being asked, that is not in any way relevant to the questioner's own successful Tivo use, and where numerous easy to find web resouces to answer the question fully already exists (if the questioner is really interested in what goes on with Tivos outside the USA which I to some extent still rather doubt).


It's called discussion and I, personally, have no problem with it. And it was on topic unlike, I would guess, 70% of your posts.


----------

