Join 3,512 readers in helping fund MetaFilter (Hide)


Home secure networking
November 29, 2004 6:06 PM   Subscribe

Secure networking question: I am hoping to set up a remotely accessible wiki running on my home computer, but I'm a networking doofus. [MI]

I'm not looking for anything complicated; basically I plan on running Instiki with its built-in web server. Setting up the wiki on its own server seems easy enough, but I really need the connection from the outside world to be secure and encrypted. Unfortunately, I am a dunce. I know the answer probably contains the acronyms SSL and/or SSH, but I can't figure out much more than that. Help, please?

Technical details: I plan on hosting the wiki on a Windows XP machine behind a NAT router. I know how to set up port forwarding, which I assume will be necessary. I will be accessing the wiki primarily from a Windows 2000 machine.
posted by monju_bosatsu to Computers & Internet (2 answers total) 1 user marked this as a favorite
 
Did you see that they have a way to do it using SSH port forwarding?

Even though the instructions don't mention it, I think that would also require running a SSH server on your home machine, and passing port 22 through the router.

SSL with a self-signed certificate would be relatively easy if this ran on Apache, but it doesn't, so you're probably out of luck there.
posted by smackfu at 6:51 PM on November 29, 2004


If you set up port forwarding on the nat router to open up port 80 (standard web traffic) to your desktop machine then you can connect to the wiki software. This will only be as secure as the wiki softwares login info is, no encryption. If the wiki's web server supports ssl (https) then you can forward port 443 and be able to access it over encrypted traffic and still using whatever username/password protection the wiki gives you.

Beyond that you need to know what IP address the outside of the nat router will be listening to, if it's a static (unchanging) address then you can simply http:// over to it, but if you are using a dynamic address from a ISP then you might need to use a free service like http://www.no-ip.com to help you track the number.

If you want even more security and flexibility, and major geek cred then you can set up a vpn to your home machine using something like http://openvpn.sourceforge.net
posted by dirtylittlemonkey at 7:05 AM on November 30, 2004


« Older Psychotropicdrugfilter: I'm p...   |  Can I handwash my merino wool ... Newer »
This thread is closed to new comments.