# Personal Web Sharing, Port Forward, Advice needed



## AjAy2 (Apr 21, 2005)

Hi, 

What I am trying to do is share files which are on my Mac OS X Machine with a mate who lives 20 miles down the road, who uses a windows xp machine, the best way I could think of is personal web sharing. 

Now the problem I have is that i am on a netgear router (address: 192.168.0.2), I know what my IP address is, when I click on personal web sharing in system preferences, it says "this can be viewed at http://192.168.0.2/~Aarron, now that works for me, and the other users on my outer, however i know it wont work for my mate. 

I know I need to do port forwarding, but am not sure what i need to forward, i know how to change the settings. What does my mate enter in on the browser at his end? What address do I put in on port forwarding? 

I am greatful to anybody who can offer some feedback and help. 

Aarron


----------



## Andrew Adamson (Apr 21, 2005)

Any address that starts with 192.168... is an address on your home network. That means that any computer in your house that connects through your router will be able to see your computer, but an outsider will not. If your ISP gives you a direct connection to the Internet, your IP will be something quite different. That IP address is the one that your mate will need to use, but you will need to do two things. 

First, look up 'Port Forwarding' in your router's documentation. For Internet sharing, you will have to forward ports 80 and 427 to your mac's local IP address (192.168.1.2). Your local IP may change from time to time (each time you reset your computer it might change), so you may have to modify this setting each time it does. 

The second thing you have to do is find out your Internet IP address. That's the address you have to send your mate. For this, you probably can get the information from your router's web interface. Failing that, there are hundreds of sites that will tell you your address (search Google for "What is my ip address" and you'll get the idea). One place you can go is http://checkip.dyndns.org/ (no ads; in fact, no nothin' except your IP). 

Remember that by forwarding an Internet port to your machine means ANYONE, ANYWHERE can connect to your machine. Owning a Mac means that you have significantly lower risk of being damaged by a malicious user, but exactly the same risk of being attacked. As a result, I would suggest:
1) using a lenghty but easy-to-remember passphrase (not just a passWORD) for outsiders to access your machine (12 characters or more)
2) turning off port forwarding any time you are not using it, and 
3) keeping all ports closed unless you absolutely have to leave them open.


----------



## mdnky (Apr 21, 2005)

To setup port forwarding, find the directions in the following guide by NetGear.  You'll need to know your router's model number first for the right directions:  http://kbserver.netgear.com/kb_web_files/N101145.asp

You'll want to forward Port 80 to your computer's internal IP.  So, 80 should be forwarded to  192.168.0.2 .

After that's done, any web request to your WAN IP address will be forwarded to it.  To find your WAN IP, go to:  http://www.whatismyip.com

If you have a static IP, then that's all you have to do.  If it's dynamic, then you'll need to setup a dynamic DNS service.  

Two free choices are DynDNS and No-IP.  

You may need an auxillary program that updates your settings at the Dynamic DNS provider when your IP changes.  DLink has such a thing built into their routers, not sure about Netgear.  Check your router's manual to see if it is.


----------



## Andrew Adamson (Apr 22, 2005)

Just out of curiosity, does anyone know why OS X includes SLP (port 427) in its Internet Sharing settings? According to the OS X Server Network Services Administration manual:


> SLP (Service Location Protocol) DA (Directory Agent)  A protocol that registers  services available on a network and gives users easy access to them. When a service is  added to the network, the service uses SLP to register itself on the network. SLP/DA  uses a centralized repository for registered network services.


I'm kind of murky on what SLP actually does and why it is used for the firewall's 'Internet Sharing' (Apache) and 'Personal File Sharing' (FTPd). I'm guessing that some remote clients will check 427 and download the file using the protocol it decides is, er, more full-bodied? 

Aarron, I am pretty much 100% sure that mdnky is right that you need to only forward port 80 to share files. Leaving 427 closed at the router will not prevent anyone from reaching your shared files.


----------



## Pat the Rat (May 4, 2005)

I was wondering whether the port forwarding helped you, AJAY2? I have some shareware that uses PWS to do webcasts (see http://www.slidesnow.com if you are interested) and many people can't seem to use it because they are behind routers or firewalls and PWS doesn't work for them. I'm looking for ways around this too, so please keep this thread going. Thanks.


----------



## TimR (May 22, 2005)

I have a website with my old car restoration that is rapidly running out of ISP supplied room....I was debating using PWS as well on my old G3 which would give me lots of room. 

So my question is, if I have my G3 on my netgear router with port forwarding to set up the website, that would allow anyone access to my G3 but only to the sites folder, correct? What about the other machines on my house network? Would they be safely blocked if PWS is turned off on them?? What about personal file sharing between all the machines? I'm guessing if someone could get into the G3 then with file sharing on they could hack my passwords to gain access to my G4 and G5?

Bascially, I would love to be able to use my G3 to host my wesbite, but keep my G4 and G5 with all my personal data etc safe form prying eyes.

Sorry for the stupid questions, this area is a bit hazy for me, and I read lots fo conflicting information online.

Thanks for any advice. 

later
Tim


----------

