Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

Netopia Timbuktu trouble

0 views
Skip to first unread message

Timothy Miller

unread,
Jun 4, 2003, 3:10:04 AM6/4/03
to
Greetings,

Last week I was asking about notifying my secretary about my non-static
IP address. I got some good suggestions, which I have not disregarded by
any means.

I probably should have said why I was asking.

I've been using Netopia's Timbuktu on two Macintoshes for years and
years, every day. Admirable product. Sometimes the Control function,
sometimes exchange. At first it was dialup on both ends, home and
office. Then I got DSL at office, with non-static IP address. Now I
connect to the internet at home, use Timbuktu's IP Locator, keyed to my
DSL email address at the office, and I'm on in an instant.

So, now I have this new offsite secretary. She's a Windows user. Her
husband is a smart computer professional. I want her to remote-control
my Macintosh with her Windows machine. We got her Timbuktu for Windows.

I set up her account. Several calls to Netopia tech support were
necessary. They told me to type 0.0.0.0 in Preferences:IP Locator:
Advanced (a button): "Over ride registered IP Address" (A field) They
didn't say why. It was never necessary before. Later on, I learned that
we need to open ports 1417 through 1420 in the firewalls. I've already
got port 407 open in my firewall.

Now she can connect if she types in my IP address. I have to email it to
her, first, if it has changed recently.

The IP locator still works great from my dialup machine.

But Netopia's IP locator still isn't working for her. She can't find my
DSL machine -- the one at the office. This makes her work slower and
less convenient. Costs me money.

Today, I called Netopia Tech support again. They told me to tell her to
open port 80. It was already open. It seems like Netopia is running out
of ideas.

She is behind a NAT router. Her husband seems to understand every detail
of NAT. The thinks he's got it configured just right. He's starting to
get stumped.

Anybody else been through this and found the answer?

Is is possible to ping or traceroute Netopia's IP Locator?

I'd ask on a Windows NG, too, except there are so many I don't know
where to begin. Suggestions? Any other NGs that might be helpful?


Thanks in advance,


Tim Miller

Mark Conrad

unread,
Jun 4, 2003, 11:07:29 AM6/4/03
to
In article <3EDD9B4C...@nospam.com>, Timothy Miller
<non...@nospam.com> wrote:

> Today, I called Netopia Tech support again. They told me to tell her to
> open port 80. It was already open. It seems like Netopia is running out
> of ideas.

Yeah, I have run into problems with Netopia's phone tech support also,
not the least of which is the long wait on the phone. (hours)

Lately, out of frustration, I have been using their email tech support.

I have a 'temporary' workaround you might consider.

You could have the PC user remote-control your Mac via a regular
telephone connection.

In my case, that worked, and I have a phone account that does not
charge extra for prolonged phone connections.

No worries about security so you could run her in directly, bypassing
your usual firewalls etc. Just make certain you take reasonable
precautions such as using passwords, and possibly even using the
'callback' feature of TB2 if you need added telephone security.

Like I said, it is a temporary fix.

Keep us posted if you stumble upon a permanent fix, others of us have
the same problem as you do.

Mark-

Timothy Miller

unread,
Jun 5, 2003, 12:28:05 PM6/5/03
to
Hi Mark,

My reply is bottom posted.

Your dialup suggestion is excellent. We have tried that and we know it
works. It is a good workaround, though cumbersome.

The IP locator has always worked perfectly using my dialup Mac at home
on one end and my IP mac at the office on the other. I get on the
internet with the dialup, use timbuktu's IP locator to connect to the IP
Mac, and I'm connected to the IP Mac almost instantly.

So, now the IP Locator won't work for my secretary, on her windows
machine, behind a NAT router. We know her "trusted visitor" account on
my IP machine is okay, because she can type in the IP manually.

It seems the likely cause is

1 -- A Mac vs. Windows problem.

2 -- Some port needs to be opened in the firewall, probably at my
secretary's end. She has opened 1417 through 1420, 407 and 80. We don't
know of any others that need opening. I have the same open on the
Macintosh end, probably unnecessarily. As far as I know, I only need to
open 407.

3 -- A NAT problem on my secretary's end. She's behind a NAT router. Her
husband, the network guru thinks a NAT problem is unlikely.

4 -- One of us -- me or the secretary's cyberguru husband has made a
stupid mistake.

Any other candidate theories?

I'm wondering how to troubleshoot the problem. Any ideas?

Ping or traceroute the IP Locator? Possible?

Packet-sniff for the IP Locator's reply? Find out where it's going after
it arrives at the NAT router? Possible?

Any other ideas?


Thanks,


Tim Miller

Mark Conrad

unread,
Jun 6, 2003, 5:49:02 AM6/6/03
to
In article <3EDF6F95...@nospam.com>, Timothy Miller
<non...@nospam.com> wrote:

> Your dialup suggestion is excellent. We have tried that and we know it
> works. It is a good workaround, though cumbersome.

The fact that the direct phone-to-phone connection works throws a lot
of suspicion on the NAT router.


> 1 -- A Mac vs. Windows problem.

I don't see how, being the direct phone-to-phone connection works.


I think one way of resolving what is happening, is to talk whoever
controls her PC into allowing a brief test to see if she can contact
the IP locator directly from her PC, (no firewall or NAT router) and
get to your Mac that way.

If that works, you then know the problem is the NAT or firewall.

Should not be a security risk, because even the best cracker needs some
time to break into the TB2 network.

If they are paranoid there, then the only other way I can think of is
to get hold of a seperate PC, load it with just the bare OS your
secretary is using, and TB2, to see if she can contact the IP-Locator
with that PC.

If she can, then someone can add a firewall to the mix to see what
ports are necessary in order for the IP-Locator to work.

If all that still works, then the problem narrows down to the NAT.

Mark-

Matti Haveri

unread,
Jun 6, 2003, 9:30:24 AM6/6/03
to
In article <060620030251078624%nos...@iam.invalid>,
Mark Conrad <nos...@iam.invalid> wrote:

> Should not be a security risk, because even the best cracker needs some
> time to break into the TB2 network.

What about actual Timbuktu screen sharing data? Is it easy to crack?

We transfer confidential data via Timbuktu screen sharing and for
security reasons we have been using dial-up until we get VPN.

--
Matti Haveri <matti....@sjoki.uta.fi> <http://www.sjoki.uta.fi/~shmhav/>

Mark Conrad

unread,
Jun 6, 2003, 2:28:10 PM6/6/03
to
In article <matti.haveri-2A3E...@plaza.suomi.net>, Matti
Haveri <matti....@sjoki.uta.fi> wrote:

> > Should not be a security risk, because even the best cracker needs some
> > time to break into the TB2 network.
>
> What about actual Timbuktu screen sharing data? Is it easy to crack?


Not easy to crack for the overwhelming majority of kiddie-crackers, who
use readily available 'cracking' scripts downloadable from the
Internet.

The usual security features built into TB2 should give you adequate
protection.

Now, on the rare occassion that you run into a really skilled cracker,
all bets are off. This likelyhood of being attacked by such a cracker
would be equivilant to being struck by lightning on a clear day.

They have bigger fish to fry, like breaking into bank computers or
being hired at very high wages by terrorist organizations.

To really curl your hair, take a quick look at this security website,
and follow a few of the links on the left side of the page:

http://www.securemac.com/openfirmwarepasswordprotection.php

Kind of ignore the main thing they are pushing on that website, namely
the "Open Firmware" product, because the 'small print' mentions that
even that product can be easily defeated by a skilled cracker.

Even 40-key PGP encryption can be fairly easily cracked by people with
access to supercomputers. (lots of people, nowadays)

The estimate is that 1000-key encryption should be secure against
cracking. I don't know if such systems of encryption are available to
the ordinary person.

Actually, I know very little about security matters, so don't take my
word for anything connected to security.

All I know is what I pick up by nosing around security sites on the Net.

Mark-

Timothy Miller

unread,
Jun 6, 2003, 2:47:22 PM6/6/03
to

Mark Conrad wrote:
> In article <matti.haveri-2A3E...@plaza.suomi.net>, Matti
> Haveri <matti....@sjoki.uta.fi> wrote:
>
>
>>>Should not be a security risk, because even the best cracker needs some
>>>time to break into the TB2 network.
>>
>>What about actual Timbuktu screen sharing data? Is it easy to crack?
>
>

--snip--

Thanks for all the good suggestions. No luck yet, but we're working on it.

If anyone on the NG is struggling with this issue, you can ping or
traceroute Netopia's IP locater at findme.netopia.com


Best regards,


Tim Miller

Mark Conrad

unread,
Jun 6, 2003, 8:38:24 PM6/6/03
to
In article <3EE0E1BA...@nospam.com>, Timothy Miller
<non...@nospam.com> wrote:

> Thanks for all the good suggestions. No luck yet, but we're working on it.
>
> If anyone on the NG is struggling with this issue, you can ping or
> traceroute Netopia's IP locater at findme.netopia.com


Just my opinion, of course, but I really think the problem as it now
stands is too complex to tackle head on.

If it was _my_ problem, I would simplify it by begging, borrowing, or
stealing an identical brand of PC as your secretary is using, with the
same OS installed. (and TB2, of course)

If a cracker breaks into the 'substitute' PC, who cares, there is
nothing of value on it like company files, etc.

Then I would use that 'substitute' PC to lasso the Netopia IP Locator,
and then make contact with your Mac

Once all that was accomplished, I would then add all the other
components to the mix one-at-a-time.

(firewall, NAT, routers, ports, and whatever else is between your
secretary's PC and the outside world)

This approach to solving the problem would nail down what exactly where
the difficulty lies, however this approach would need the cooperation
of the people in your secretary's workplace.

Might be impossible to obtain the needed cooperation, for whatever
reason.

Good luck with your efforts, perhaps a head-on approach might work.

Mark-

Go Fig

unread,
Jun 7, 2003, 2:17:23 PM6/7/03
to
In article <3EDD9B4C...@nospam.com>,
Timothy Miller <non...@nospam.com> wrote:

> But Netopia's IP locator still isn't working for her. She can't find my
> DSL machine -- the one at the office. This makes her work slower and
> less convenient. Costs me money.
>
> Today, I called Netopia Tech support again. They told me to tell her to
> open port 80. It was already open. It seems like Netopia is running out
> of ideas.
>
> She is behind a NAT router. Her husband seems to understand every detail
> of NAT. The thinks he's got it configured just right. He's starting to
> get stumped.
>
> Anybody else been through this and found the answer?
>
> Is is possible to ping or traceroute Netopia's IP Locator?
>
> I'd ask on a Windows NG, too, except there are so many I don't know
> where to begin. Suggestions? Any other NGs that might be helpful?
>
>
> Thanks in advance,
>
>
> Tim Miller

This is what I do to find a dynamic IP.

I have E-MAIL checked every 4 min. I have a filter in Eudora to
'auto-reply' if a certain phase is used in the subject. I get the IP
address from the header info from the auto-reply. Takes a few minutes,
but works well for me.

jay
Sat, Jun 7, 2003
mailto:go...@mac.com

--

Legend insists that as he finished his abject...
Galileo muttered under his breath: "Nevertheless, it does move."

Geoffrey F. Green

unread,
Jun 7, 2003, 4:52:47 PM6/7/03
to
In article <3EDD9B4C...@nospam.com>,
Timothy Miller <non...@nospam.com> wrote:

> She is behind a NAT router. Her husband seems to understand every detail
> of NAT. The thinks he's got it configured just right. He's starting to
> get stumped.

Are you behind a NAT router?

- geoff

--
Visit http://PostingUp.net
All college basketball, no Andy Katz

0 new messages