Before I headed to Peru last week I wanted to be sure that I could access my computer from anywhere, even a locked-down computer in an internet cafe. I prefer to use Terminal Services for Remote Desktop to my Windows machine, but I couldn't count on having access to mstsc.exe, and the web-based remote desktop client requires ActiveX. HOBLink JWT is a nice Java applet client, but isn't free, so I decided to quickly install a VNC server and use its Java viewer. I set it to listen on a non-default port (security through obscurity) and went to my router's admin interface. I already forward a handful of ports from my router (an old hackable Linksys WRT54G v2, since superseded by the WRT54GL) to my desktop to allow remote access to services like RDP and my web and FTP servers, and adding the additional ports should have been straightforward. Unfortunately I mistyped one of the start ports and ended up with something like this:

| Start Port | End Port |
| --- | --- |
| 1228 | 1229 |
| 1229 | 5900 |
| 5800 | 5800 |

Instead of 5900 - 5900 I ended up with 1229 - 5900, resulting in some overlap in the forwarded ports. It sounds like the firmware from Linksys will detect and warn you about this, but I'm using Sveasoft's Alchemy firmware for its WDS capabilities. The side effects of the overlap were very bizarre:
- DNS worked
- ICMP (ping) worked
- Anything on my local network worked (TCP, UDP, ICMP, etc)
- Everything outside my local network worked for a few minutes after boot
- Around 2 minutes after boot any TCP/UDP connection outside of my local network would time out
In addition to UltraVNC I'd also installed the latest version of BlackBerry Desktop Manager for my BlackBerry 8830, and that installed a pile of crap known as Roxio Media Manager, which bestowed upon me no less than 5 services and background tasks. I used AutoRuns from Sysinternals to thin out services and startup programs, and when that didn't help I used Process Monitor (also from Sysinternals) to log all activity from boot until loss of connectivity. Process Monitor yielded nothing, Wireshark, Ad-Aware and Spybot found nothing, and I even reset the TCP/IP stack. In a fit of desperation I changed my IP address, and everything immediately started working, which led me to look more closely at my router's settings.
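A pre-flight check for a port-forwarding table like the one above, as an added example (not code from this post or from any router firmware): it reports overlapping ranges and unusually wide ones, the two symptoms of the mistyped start port. The "start - end" rule format, the function names and the 100-port width limit are assumptions made for illustration.

```python
import re
from itertools import combinations

# The forwarding table from the post, as typed into the router ("start - end").
RULES = ["1228 - 1229", "1229 - 5900", "5800 - 5800"]

def parse_rule(text):
    """Parse 'start - end' into (start, end); reject malformed or inverted ranges."""
    m = re.fullmatch(r"\s*(\d+)\s*-\s*(\d+)\s*", text)
    if not m:
        raise ValueError(f"not a port range: {text!r}")
    start, end = int(m.group(1)), int(m.group(2))
    if not 1 <= start <= end <= 65535:
        raise ValueError(f"invalid port range: {text!r}")
    return start, end

def find_overlaps(rules):
    """Return (rule_a, rule_b, (lo, hi)) for every pair of rules sharing ports."""
    parsed = [(parse_rule(r), r) for r in rules]
    overlaps = []
    for ((s1, e1), r1), ((s2, e2), r2) in combinations(parsed, 2):
        lo, hi = max(s1, s2), min(e1, e2)
        if lo <= hi:  # the intersection of the two ranges is non-empty
            overlaps.append((r1, r2, (lo, hi)))
    return overlaps

def wide_ranges(rules, limit=100):
    """Return rules spanning more than `limit` ports (assumed threshold).

    A single-service forward rarely needs a wide range, so this catches a
    mistyped start port and the unintended exposure that comes with it.
    """
    wide = []
    for rule in rules:
        start, end = parse_rule(rule)
        if end - start + 1 > limit:
            wide.append(rule)
    return wide

if __name__ == "__main__":
    for a, b, (lo, hi) in find_overlaps(RULES):
        print(f"overlap: {a!r} and {b!r} share ports {lo}-{hi}")
    for rule in wide_ranges(RULES):
        print(f"suspiciously wide range: {rule!r}")
```
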



