New user's registration have been closed due to high spamming and low trafic on this forum. Please contact forum admins directly if you need an account. Thanks !

Help with Bubba Two - Easyfind

Got problems with your B2 or B3? Share and get helped!
Post Reply
wm.bubba
Posts: 82
Joined: 11 May 2009, 12:58

Help with Bubba Two - Easyfind

Post by wm.bubba »

Hi,

I plan to set up easyfind to enable me to enable access to my bubba two from anywhere.

I know I need to set up port forwarding on my router to forward ports 80 and/or 443, however I would also like to restrict access using the source IP address, and not leave it wide open.

Would the IP address when using "<your_Easyfind_name>.bubbaserver.com" be the same eachtime it is used?
How do I find out what this IP address is, so I can enter it into my router?
Is what I have describe a valid method of restricting access to traffic from "<your_Easyfind_name>.bubbaserver.com"?

Thanks in anticipation of your response.
Henri
Posts: 62
Joined: 14 Jul 2009, 07:56

Re: Help with Bubba Two - Easyfind

Post by Henri »

Hi

I'll try to give you a hand... as a Bubba newbie ...
As I see it, Easyfind is nothing more than a way to resolve your Bubba's IP address, which can change from time to time. Easyfind works like http://www.dyndns.com/ or similar service.
When you type Easyfind address with your Bubba's easyfind name in your internet browser. Your browser gets redirected to your Bubba's/routers current internet address (IP).
So you should not worry about thinking what is Easyfind service's address, instead your should figure out what is the internet address (IP) of your PC where you are connecting to your Bubba server.

For example if you are connecting to your Bubba with your mobile handset.
What is your mobile devices IP address ?? now and will the address be the same tomorrow when you are in other part of town or country. This causes some problem when you are filtering IP addresses that are allowed to connect your Bubba server.

I have tried to protect my Bubba from unauthorized connection attempts by using Linux Debian hosts.allow and hosts.deny files. You can find these files from bubba's /etc folder.
Other measures to protect your Bubba might be by tightening your security by adjusting iptables firewall rules and installing additional software like Denyhosts or similar.

Denyhosts works so that it monitors Bubba's security log files and if it finds security log markings that indicate unauthorised login attempts, program adds those IP addresses to hosts.deny lists. This way IP addresses with too much failed login attempts get banned from connecting your Bubba. This method protects Bubba agains brute force login attempts at least in some degree.
At least protecting ssh login seems to work with denyhosts program.

There are probably lots of other similar programs but Denyhosts is the one that I have decided to try for a while and see how it works.
The problem with denyhosts is that all programs don't necessarily mark failed login attempts to security logs and therefore some services can be left unprotected with Denyhosts.
Here a link to Denyhosts software if you wanna see what it can do.
http://denyhosts.sourceforge.net/

I hope this gives some ideas about the matter in question.
wm.bubba
Posts: 82
Joined: 11 May 2009, 12:58

Re: Help with Bubba Two - Easyfind

Post by wm.bubba »

Thanks for the reply, I too am a Bubba newbie ...

I didn't realise that's how the Easyfind service works, but it certainly has given me plenty to think about.
It would appear I need to go away and mull over what to do next.

Thanks again.
Henri
Posts: 62
Joined: 14 Jul 2009, 07:56

Re: Help with Bubba Two - Easyfind

Post by Henri »

Your welcome.

I hope I didn't scare you off, but as I have understood the essence of Bubba. The web browser accessible graphic interface is just the tip of the ice berg for what you can do with Bubba. All the good stuff :) is hidden under the bonnet and to get access there, you really need to wrap up your sleeves (Learn Debian) and take ssh connection to get things done. Well maybe that is not completely necessary, but it hopefully helps.

For me it has been and still is hard and tedious road, but I am slowly learning new things.

And be careful if you start editing those hosts.allow/deny files. In worst case you can lock yourself out from Bubba, unless you are careful and make sure that hosts.allow file contains at least your own IP (address range).

Here's some general Linux tips for hardening ssh service.
http://non-gnu.uvt.nl/pub/uvt-unix-doc/ssh-harden.txt
wm.bubba
Posts: 82
Joined: 11 May 2009, 12:58

Re: Help with Bubba Two - Easyfind

Post by wm.bubba »

I can assure you I've not been scared off.

I have been running my own PC with SUSE for the last 3 or so years, so I'm no stranger to Linux or the command line and bash scripting.

I have also been using ssh for a while and have already installed some extras on Bubba, including hddtemp (to monitor the hard drive temperature) and my own script to enable me to shutdown Bubba remotely from my PC.

The purpose of this post was to enable me to securely connect from my work PC (where ssh is blocked), which I'm still hoping to do at some point.

The link you provided regarding ssh does make for interesting reading, thanks.
Post Reply