Guys I happen to have a server at my place and I’d like to access the server remotely. In order to do that, however, I need to portforward. I called Safaricom Home and they told me they don’t offer such services, they don’t even offer static IP. The local ISPs don’t know about port forwarding and it’s been like a month and things are still stuck. Does anyone have an idea of an internet service provider who can enroll me to their service and set up port forwarding for me? I know how to portforward on a router (the settings). However, my ISP seems to have blocked ports from his side.
The way you’re giving scanty details, I suspect you are using a Meterpreter - Metasploit payload that requires port forwarding to trick the Client rather than carrying out a direct attack. My response will be based on that angle, if you can pick something from it then by all means.
First, You can port forward with a dynamic PUBLIC IP no problem, as the ports that are open on your network are determined by your home router.
If that doesn’t solve your PF issue, You need to install some sort of Network persistence. Since changing IP is really your concern, you could use a listener instead of the meterpreter persistence service. Some UPnP apps help by giving you the option of UDP/TCP, while some routers are very convenient for those roles. TPLink za kitambo sana sana.
Netcat is also an option, very good for your PF needs
Dynamic IP should not be an issue at all!! Esp in Linux environment.
Kuna gadgets zingine noma pale hak5 that create that persistence, but they don’t ship to Vumbistan so chorea hiyo.
For any legit reasons for the port forwarding,
You can ask that jaluo guy @Nyamgondho, he seems to know a thing or two
Also
Ignore the Port forwarding option and use RDP tools kama Remote AccessVPN, OpenVPN, last desperate option Teamviewer.
1 Like
Your isp has not blocked any ports. The router comes by default with most ports closed. If you have the knowledge you will know how to open them.
- Your server must have a static ip.
- Know the ports that are needed inorder to access your server (depending on what your server does).
- Head over to your router administration with these two and configure and port forwarding or other options in different routers. And open the ports needed. Under tcp or udp if you don’t know google search the port… e.g ‘port 8000 tcp or udp’ it’s easy.
- If the server is windows based there are much more simpler ways to access them remotely. E.g configure remote desktop which comes with windows. Or use other programs for remote access.
1 Like
Hi,
You can install SoftEther, on both your server and your client device.
No need to port forward for access.
Connect to VPN then remote desktop / VNC.
Forrowing. Also tried tinkering with Port Forwarding on Safaricon Fiber and wasn’t successful…
Safaricom are a bunch of useless fellows ,the change credentials on your device to make almost impossible to make changes locally via a web browser .They are even doing the same for Safaricom fibre business and they never used to limit access .
Yeah. Agree 109%.
Never had issue with this. For me I could setup Port Forwarding on the Web interface but it never seemed to work…
I wonder how people who need to access their systems remotely manage i.e Security Cameras…
Do you have home fiber or business link ?
Speaking of this, I was inquiring from my ISP provider settings za router ndo nichange password. I was lucky I had my own router from before so badala ya kutumia router ya supplier, nikatumia yangu ya TP-Link. So while updating settings kwa web, msee akanishw niende kwa security then remote management niweke IP address flani, then akanishw nimsomee my IP address ile iko kwa WAN. My question is, does this meam they can access my router anytime?? From anywhere?
1 Like
Safaricom uses cgnat for home users so no luck there, look for JTL home so far they are the only provider to give you a public IP and also allow a bridging of their router. @Jimit yes he can access anytime that is called managed router services, this days we use a ACS server and ACS compatible routers (TR069).
For what exact purposes? I thought my business ended with me paying my monthly bill. Also, what exact info does he access and what can he do with the same??
Home Fiber
Yes they can access it from anywhere… Once I had issues and the Customer Care lady could just access my router…
Another time they texted (SMS) me my password and told me I should consider changing it…
Was Flabbergasted… Followed by acceptance…
All the info, for “technical support”.
ISPs have the habit of storing clients’ password in plaintext.
@Rick778877 kuna mtu ametaja dynamic DNS try that, VNC, TeamViewer.
Like log all of my data? Every bit that goes through my router?
They can even SSH and access router verbose logs.
Cyber hygiene dictates that you shouldn’t use your ISP provide router/cable modem as your primary CPE.
Buy a commercial router that supports DDWRT or Openwrt where you can have cplete control of your internal network.
If you have a low end unused computer or Raspberry pi you can create your own powerful router with inbuilt adblocker and firewall for your network. The comp needs at least two NICS.
The issue though is how to get it setup as the primary on let’s say Safaricon Home Fiber…
Unless you had the router available during the first installation and sweet talk the installers …
Plus since they like peeping around and installing updates in the background won’t they notice at some point…
What if I change the remote management settings? Like niweke another IP address?
Kama TP Link??