1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Safest way for wake on lan

Discussion in 'Tomato Firmware' started by hariskar, Jan 15, 2011.

  1. hariskar

    hariskar Networkin' Nut Member

    Which is the safest way to open my pc from internet:
    1. Using portworwarding & magic packet?
    2. Remote access on the router page?
    3. ssh?

    Thank you!
  2. rs232

    rs232 Network Guru Member

    I use WOL a lot. Mainly via SSL remote admin and just occasionally ssh. It all depends how much you want to open your router...

    On my router I have HTTPS only on the wan interface and have changed the default SSH port to increase security.

  3. hariskar

    hariskar Networkin' Nut Member

    I use WOL with the first 2 methods.
    The methods you use are safer than the methods I mention?
    SSL remote admin? I didn't know about this method.

    Thank you for helping!
  4. rs232

    rs232 Network Guru Member


    I'd say magic packet are not that secure, in fact if you read up on the topic you'll find that sometime the host is randomly booted up as some broadcast packet used by other protocol match the pattern used by the magic packet, is this is expose to Internet even worst.

    I would leave only one way open, I do use two because I travel to different places and sometime the SSH port is not allowed through the proxy, so to me it's 2222 for SSH and 8080 for SSL.

    Having said that: have you had any security problem? If not I wouldn't bother too much as long as you can send the WOL.
  5. hariskar

    hariskar Networkin' Nut Member

    Thank you!
    No, I didn't have any security problem, but I made these modifications to the router and want to choose the safer method. I already use https, so I guess I should close the port I opened for the magic packet and it's OK.
  6. TexasFlood

    TexasFlood Network Guru Member

    I help remotely support a PC for family. So I put in a Tomato router so I could get functionality like auto-updating DDNS and WOL. I use the WOL on the router admin page of TomatoUSB, https access only on the router on port 65443.
  7. hariskar

    hariskar Networkin' Nut Member

    Why especially this port? Why not 8080?
  8. TexasFlood

    TexasFlood Network Guru Member

    If that was directed to me, no particular reason other than I like to use non-standard ports for any listening ports exposed to the Internet. Makes things a bit harder for those looking to cause trouble. 65443 is an alternate for 443 which is both non-standard and easy to remember. Easy to remember seems to be increasingly important to me as time goes by, :wink:.
  9. hariskar

    hariskar Networkin' Nut Member


Share This Page