telot Posted May 11, 2012 Posted May 11, 2012 The topic of dyndns came up in another thread, and Mr. Protocol was somewhat incorrectly dismissive of the idea. Also, you all seem to go to great lengths with reverse-ssh in order to access your pineapples remotely. I'm here to tell you thats quite unnecessary. You say carriers block port 22? I'm here to say thats dead wrong. They block everything by default and direct access to your pineapple is just a phone call away. Let me explain. Mobile termination is a phrase used in the cellular industry meaning that the device is capable of being reached from the internet. For instance, a normal smartphone can access the internet just fine, but if you get its IP address and try pinging it/accessing it from a computer, you'll be blocked. Hence the reverse-tcp action. Well, turns out all you have to do is call up your carrier and request a specialized option on your cell plan called...you guessed it...mobile termination. Now, just calling up the 1800 number of verizon and demanding mobile termination from the first person that answers won't get you anywhere. With the CDMA carriers at least, you can use the phrase "Public IP address - not a private one like I've got, like you give out to smart phones - I need a PUBLIC ip address...Yes, this is for an M2M application" - you can even request a public STATIC ip address if you so wish...though Verizon will try and charge you a one time $500 setup fee for your entire account...you can negotiate with them however, saying you've only got one line of service you want it for (I've seen them give it away for free). Sprint is much easier, you ask for the public static IP and they charge you an extra $3 bucks a month for it. AT&T on the other hand, you need to request a special APN and lucky for you, I've done all the research on which of their hundreds of APNs is the best for us. The APN is called: I2GOLD - its mobile terminated and public. So if you want a static IP (nice to have in general if you ask me...) or if you want to stick with dynamic and use a service like dyndns - either way you're no longer depending on having an always-on server reverse-ssh'ing to your pineapple - which is really just another component with the possibility of failure. This reduces the total possible failure points by 3 (ssh connection to server, server hardware fail, or server internet provider fail). So this is where I can see using dyndns on the pineapple if you setup a 3G modem for mobile termination. This is how I connect to my pineapple and it works great. Just plug in my 3G dongle and ssh root@telot'sStaticIP or root@telot'sdyndnshostname and off I go. It might not be the best way for some, but I have a feeling a couple people could benefit from this solution. Hope this little primer helps telot Quote
brianzimm Posted May 12, 2012 Posted May 12, 2012 (edited) I can confirm that you get a public IP with ting. Just ran nmap and connected to my pineapple with ssh. Woot! I think some dynamic dns sounds like a great idea. Starting Nmap 5.00 ( http://nmap.org ) at 2012-05-11 21:52 EDT NSE: Loaded 30 scripts for scanning. Initiating Ping Scan at 21:52 Scanning 173.111.xx.xx [2 ports] Completed Ping Scan at 21:53, 2.02s elapsed (1 total hosts) Initiating Parallel DNS resolution of 1 host. at 21:53 Completed Parallel DNS resolution of 1 host. at 21:53, 0.12s elapsed Initiating Connect Scan at 21:53 Scanning 173-111-xx-xx.pools.spcsdns.net (173.111.xx.xx) [1000 ports] Discovered open port 53/tcp on 173.111.xx.xx Discovered open port 22/tcp on 173.111.xx.xx Completed Connect Scan at 21:53, 7.15s elapsed (1000 total ports) Initiating Service scan at 21:53 Scanning 2 services on 173-111-xx-xx.pools.spcsdns.net (173.111.xx.xx) Completed Service scan at 21:53, 6.33s elapsed (2 services on 1 host) NSE: Script scanning 173.111.xx.xx. NSE: Starting runlevel 1 scan Initiating NSE at 21:53 Completed NSE at 21:53, 4.70s elapsed NSE: Script Scanning completed. Host 173-111-xx-xx.pools.spcsdns.net (173.111.xx.xx) is up (0.20s latency). Interesting ports on 173-111-xx-xx.pools.spcsdns.net (173.111.xx.xx): Not shown: 979 closed ports PORT STATE SERVICE VERSION 22/tcp open ssh Dropbear sshd 2011.54 (protocol 2.0) | ssh-hostkey: 1024 ---------------------------------------------- (RSA) 25/tcp filtered smtp 53/tcp open domain dnsmasq 2.59 80/tcp filtered http 113/tcp filtered auth 135/tcp filtered msrpc 139/tcp filtered netbios-ssn 445/tcp filtered microsoft-ds 901/tcp filtered samba-swat 1022/tcp filtered unknown 1023/tcp filtered netvenuechat 1025/tcp filtered NFS-or-IIS 1433/tcp filtered ms-sql-s 2967/tcp filtered symantec-av 3128/tcp filtered squid-http 3306/tcp filtered mysql 4000/tcp filtered remoteanything 4899/tcp filtered radmin 5000/tcp filtered upnp 6129/tcp filtered unknown 9898/tcp filtered unknown I think you can have the pineapple run a small script an update something like Dyndns with curl see here for info http://dyn.com/support/developers/api/perform-update/ Edited May 12, 2012 by brianzimm Quote
brianzimm Posted May 12, 2012 Posted May 12, 2012 (edited) Well I like the idea so much that I am writing a module. :D More info to come.. here Edited May 13, 2012 by brianzimm Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.