Guide to routing for use at home, part 2 - remote control, web and ftp at home!

Assuming you have read part 1 of this blog (or that you already know what a port , IP address and a WAN address is), then how does one use this to one's advantage?




What's the aim?

The aim, as alluded to in part 1 is to obtain access to information or control of a computer at home or the office. This can be really convenient if you are traveling about, want to give others the ability to send you big files, or even host your own web site!

With any service, all that is required is that the remote computer (client) has a clear path to the home computer (server) on the correct port(s).


Step 1 - find your WAN.


If you have a static IP address, you don't need to do anything here; since your ip address will always be the same, then this will always be the correct address for your home computer. If you do not, then you will either need to know the IP address that is currently assigned or use a dynamic DNS service like http://www.dyndns.org/.


Dynamic DNS


The dyndns service is free currently in this respect; it allows you to have a domain or sub-domain that always points to the current IP address of your home computer. I.e. you can have the address 'myhomepc.selfip.net', and a special piece of software on your home computer (supplied by dynDNS.org free) always maintains the correct IP address for your domain. So, when you are out and about, visiting myhomepc.selfip.net will always point to your router and PC!


Step 2 - The server PC address


Ok, you know the home WAN address. This gets you to the 'front door'. The next step is to get through the router to your PC. The router's job is to share an internet connection (mainly). It also usually assigns IP addresses to pcs/macs on a local network. This is called DHCP. So, when you connect a computer to your router, also called the 'local network', the computer gets given an IP address (in exactly the same way as the router gets an address when it joins the Internet).


You can tell your 'local' ip address in a number of ways. On a PC, open a command prompt (click start, run, then enter 'cmd'), then enter 'ipconfig'. A sample output is here:


As you can see, the the ip address of my PC is 192.168.1.10. The address of the gateway (the router) is 192.168.1.1.

Subnet mask - This is like a list of who my computer is allowed to talk to. 255 means 'only equivalent' and 0 means 'anything'. I.e. my computer is allowed to speak directly to ip addresses 192.168.1.anything.

So the aim is to make the router interpret a call to the 'front door', and to forward this to your PC, as long as it is on the required port. But, this requires that you know the address of your PC. Mine is '10', but if I switch it off and on again, then it might be different because of the router's DHCP?


Fixing your PC's address or name.


For the router to send an incoming call to a local computer it must know the address of the computer, and this address must not change! The easiest way to do this is to fix the address of your PC manually. This is done on a PC by editing the tcp/ip settings for your network card, and changing the address from 'DHCP assigned' to 'manually specified'. As long as the address used is not likely to be the same as anything else that is on or may join the local network you will be fine. Leave DNS server blank, or enter the router address there, set the subnet mask to 255.255.255.0 and set the gateway to the router address.


Alternatively,


If your router supports routing to computer names rather than addresses (as many new ones do, including the BT Office router currently being supplied) then you do not need to change the address properties of the intended server.


Step 3 - Configuring the router


Assuming you have configured your computer to respond to remote desktop calls (port 3389) then this port needs forwarding to your computer. The router is configured by using a browser on the local network to go to the router's address, and gain access with a password. I.e. point your browser to 192.168.1.1 and enter 'admin' is very common.

Find a page that relates to port forwarding, and enter the following details:


public port: 3389
local port: 3389
local address: 192.168.1.10


I.e. if a WAN request comes in on port 3389, this is immediately forwarded to port 3389 and local address 192.168.1.10.


As mentioned, some routers allow port forwarding to names and not numbers. Simply use the name of the machine as described by the router instead of the local address.

That is all there is to it. By configuring port 80 to forward to a computer, you will be able to access any web site that may be hosted by Apache or IIS. By forwarding port 21, you will be able to access an FTP site that may be hosted there.


Step 4 (sometimes) Local firewalls


In addition, computers have firewalls too. Windows has one, you may have also installed an additional one. These need to be configured to allow the required ports through uninhibited.


The alternative method - VPN


Some routers allow connection via VPN. This effectively eliminates the routing steps described above as it allows a client computer on the Internet to virtually connect to the local network via a VPN dial up connection. This method is invariably slower when it comes to data transfer, but it is secure. It is however all or nothing, so is not suitable for public access in any way.


SECURITY!!!!!


At this point (actually about 2 steps ago) it is really important to think about security. When you forward a port like 3389, ANYONE can 'have a crack' at gaining control of your PC. To make things worse, there are automated 'bots' out there that are constantly 'having a crack' at any apparently open ports, 24/7! It is therefore vital that any sort of Guest or Administrator access is turned off, and that any passwords are strong... No, Seriously! I use a similar setup for my home computer that has not been breached (yet), but I monitor the log files for attempted and refused access, and they sporadically record attacks where people have tried to gain control of my system.


In general, when a port is forwarded, it is no longer the router's job to control access to that port; that responsibility has passed to the server computer, and so the security needs to be set up accordingly.


Conclusion


Although there appears to be many steps involved, this really is a worthwhile exercise to do, just as a learning exercise. The understanding of TCP/IP that this process gives is really useful for diagnosing all sorts of issues that you may come across and expanding knowledge of the net generally. It is also extremely useful to be able to access information stored on a home hard drive from anywhere.


DISCLAIMER


Opening ports is tricky to get right first go. I recommend doing this with a computer where a security breach does not matter initially. Certainly, I want to stress that a 'loose' security configuration is HIGHLY likely to result in private information being accessed by the public. I therefore accept no responsibility whatsoever for any damage casued by experimentation in this area.


If you would like to discuss remote control with me directly, please do so by contacting me: http://www.ginzola.com/contact.php

Guide to routing for use at home, part 1 - understanding IP

When I am visiting a Client site, and I quickly open up a window on my macbook pro to remote control my home pc to retrieve some live information, people are often impressed... Or, when I am on the phone discussing a site change with someone, and they are able to see the changes 'live' on their PC, people are often equally dumbfounded. It's often the assumption that this sort of trickery is expensive and/or complicated to achieve. This couldn't be further from the truth. All it takes is a BASIC understanding of TCP/IP and a router with certain functionality and a little time!

As with most technical things, the first step is to understand them...

How do domains work and what is my IP address?

A good way to understand this is to understand web sites. When you type 'www.google.co.uk' into your browser window,your computer asks 'what is the address of google.co.uk for web browsing?'. The connected computer (usually your host, i.e. BT) (or other DNS server) returns '216.239.59.104'. This is the 'IP address' that the domain name 'google.co.uk' points to for the purposes of web browsing. You can try this, enter 'http://216.239.59.104/' into your browser... what comes up? google.co.uk. Your computer then retrieves information from the address 'http://216.239.59.104/' on port 80, which is the usual one for web browsing. So, google is actually a string of numbers, and the google.co.uk bit is just like a signpost that always points to whatever numbers happen to be giving the google service.

So, a domain name is simply a replacement or an alias for a string of numbers called an IP address!

Now you have to understand that everyone connected to the Internet has an IP address. That is not every computer however, but every point of contact. A router usually only has one IP address. This is often known as the WAN address. You can find your own WAN address by going to http://www.whatismyip.com. That is the address of your router or computer from the outside world. If you have 2 or more computers connected to a router, you will find that they have the same WAN address!

So, it follows that anyone typing in http://xxx.xxx.xxx.xxx with your WAN address will get through to your router... That's what firewalls are for!

By default, most routers refuse all incoming connections, i.e. anyone visiting your WAN address will not get any sort of response. But, you may want to selectively access something inside your network. That is called configuring your 'firewall', more on that later...

Static / Dynamic IP.

Some Internet providers offer static IP addresses. This simply means that every time you connect your router, you will always have the same IP address or WAN address. Most however are dynamic. This means that periodically (usually when you restart your router) the WAN address will change to a different one as assigned by your Internet provider.

What is a Port?

Remember that a web site is usually on port 80? Well, a port is like a virtual address within an IP address. There are loads of them, 65,536 of them with standard TCP/IP, and even more in the future!  Most 'services' have a specific port that over time has become the norm.  Lots of things can be services, but we will focus on three; port 80, 21 and 3389.  These ports are the standard for:

80 - web browsing

21- FTP

3389 - Windows terminal services

Read part 2 to find out how to use these ports to do useful things....

Making Menus Work for Search Engines, Mobiles and More

by Daniel Fletcher - www.ginzola.com

Behind the scenes, many web designs out there (and that includes some for some large outfits!) use distinctly obstructive coding.  That is, obstructive in the sense that their content cannot be easily navigated nor found by search engines.  This is a difficult subject to cover in a non specific way, but part of any good web SEO overhaul should include a careful look at the coding and technical practices used in a web site.

Menus

All sites have some sort of menu that allows a user (and more importantly, search engine) to navigate the site.  Sometimes however the menus used are a triumph of visual design over common sense!  Here are the worst offenders:

Flash - Although some of the search engines appear to be navigating flash objects, it is doubtful that using a flash menu could ever be considered good sense.  In effect, a landing page with a flash menu only has links that happen to be in the content of the page, and the normal 'tree' structure of the site is invisible to the casual search engine spider.  I admit to producing the odd flash menu myself many years ago.  Removing flash menus or at least augmenting them with standard ones is an instant barrier removed!

Images - Extremely common is the use of images with nice fonts for links to pages.  Also common is a complete lack of ALT tags to inform engines of the content of the link.  Although they look nice, these links are really 'black boxes' to the search engines.

Frames - Thankfully frames are mostly eradicated these days!  Frames 'split' the browser window so that the page with content does not actually contain the menu.  Therefore, every page in the site is a 'black hole' that search engines are unlikely to view highly.

Javascript popup menus / other fancies - There are many cases of menus that present very flashy appeal, but whether the search engines are able to parse the links successfully is doubtful.  There are so many variations here, it's impossible to say what's good and bad; just that the issue needs attention

Other menu issues

Many browsers now are mobile, and the trend for mobile browsing is increasing rapidly with no sign of slowing down.  In short, people on the move are demanding access to the same information as 'standard' browsers.  Mobile browsers require information that is easily restructured by their own browser clients, and this lends itself to the current solution:

The ideal menu

The ideal menu is quick to load, accessible, easily customised to look like the site and of course contains the most transparent of code.  Thankfully, such a solution exists and has become the norm for web designers who know their stuff!  Ironically, this method is perhaps the oldest out there, but it has taken a long time for the full potential to be realised of the method.  Here is a brief overview:

Start with standard bulleted list of links such as:

• www.ginzola.com
  
• www.tfpro.com
• www.guyfletcher.co.uk
• www.google.co.uk
• www.blogger.com

Then add style information to change the look and feel. I.e the above looks like the following if we add the mentioned CSS information

---

• www.ginzola.com
  
• www.tfpro.com
• www.guyfletcher.co.uk
• www.google.co.uk
• www.blogger.com

---

This list is simply augmented with a few CSS rules, float (causing the elements to stack themselves differently) colour, border and rollover changes.

So, this proves that a simple bulleted list can become almost anything.  Coupled with more advanced CSS, the menu format is really flexible.  The best part is though when it comes to mobile devices; if a browser finds it inconvenient to display complex background graphics, it simply ignores them, reverting to a list which is miniscule in bandwidth.  

The Search engines ignore the formatting also, meaning your site has a menu that is ultra accessible.  There are hundreds of resources out there for making fabulous menus using no more than CSS rules and bulleted lists.  I now use this method for defining the navigation in every site I overhaul. See the portfolio on www.ginzola.com/portfolio.php for examples.

Multi level?

There are also ways of doing multiple level menus with 'rollovers'.  This is simply by using a multi level list, i.e.:

• www.ginzola.com
  
• www.tfpro.com
  • www.guyfletcher.co.uk
    
  • www.google.co.uk
    
• www.blogger.com

By using CSS to define the layers of the menu, rollovers with very advanced behaviour can be created. But, this method carries a warning... Ever used an iphone? 

Some browsers will display the rich version of a menu, but not allow the users to 'hover' over a button, at least, not easily.  The iPhone is a good example.  So, the rule in my book is, use multiple level menus, but make sure that the head element of any submenu points to a page with links to all the submenu items.  That way, a browser that does not support hover mode will be able to access all your pages!

Conclusion

There are many ways of doing effective and visually appealing menus, but there are relatively few ways of making these menus work for the search engines and all browsers.  Currently, at least in my book, straight CSS and bulleted lists are the way forward.  They are easy to customise, very thin in terms of bandwidth for mobile devices and flexible and accessible.  For active site programmers (like me) it is easy to generate menus based on database content too (i.e. the news menu of ginzola.com).

In short, get the menu right and the whole site benefits!

SEO, Is your content relevant?

by Daniel Fletcher, www.ginzola.com

It is not often that a web designer will give away all his/her tricks.  It's a bit like giving away a secret recipe; but that's exactly what I will be doing in this blog!

The main focus of www.ginzola.com is to add value to people's existing web sites by developing them, either independently or with existing web designers to enable better traffic throughput from the search engines.  I have found that there is no 'easy' way to achieve this; what it takes is thought, work and patience.  However, I have found that excellent results have been delivered and the effort continues to be rewarded... here's how I go about SEO.

Step one. Are you saying the right things about yourself?

Web sites contain pages.  It is often the case however that a web site is designed with a design view with 'placeholder' text that is replaced very quickly when a website is published.  I.e. the web site looks impressive, but strip away all the graphics and the actual 'content' is poorly written and unfocused.  This is especially true of small businesses who don't have time to write proper text, and web designers who don't know the Client's business.

This 'content' is however exactly what the search engines read when they look at a site so is in most cases the first and most time consuming 'fix' for any web site SEO.  Here's an example...

(picture of builders, surveyors etc)

Our business delivers the complete package for your project.   With an experienced team, total customer satisfaction and convenient local location you can be sure that your project will run to completion on time and on budget.

Now, the human reader will see the builders and make assumptions concerning the nature of the business.  The search engine only sees the text which (when taken out of context) means almost nothing!

I would replace this with something far more targeted, i.e.

(same picture)

We provide construction, surveying, project management and decorating services to customers located in Devon and Cornwall.  We have experienced teams of tradesmen working around Exeter, Torquay, Taunton etc. etc..

I.e. the text is written to specify the business purpose and location; a combination that guarantees a fighting chance in the search engines should a customer search for something like 'construction team exeter' or 'decorating services devon'.

That is the basic idea when looking at the content of the introductory pages.  Get keywords into the text, high up... and make sure that any business concepts are spelled out.

...There is a lot more to this topic that I will cover in future posts!