The most simple and LEAST SECURE method of accessing Tivoweb from the internet is to simply open a port on you firewall / router directly to Tivo.
Warning: If using this method, anyone on the internet can acess your Tivo, delete program, etc, etc.
To make this method somewhat more secure, the following step may be implemented:
Change the port from the 80 (the default for webservers) to something else. Make this change on both the firewall and in the tivoweb.cfg file. However, a port scaner can still easily find the new port (port scans are common).
Add a password to the Tivoweb. This is done by editing the tivoweb.cfg file contained in the tivoweb directory on your tivo. However, someone can view the password when you enter it with a simple "packet sniffer". (This is not common unless someone has for some reason targeted you specifically.)
Limit the IP addresses which can connect to the open port of your firewall / router. Limit the IP address to that of your work computer or firewall, for example. (It is possible to spoof an IP address to get around this restriction, but this is not common unless someone has specifically targeted you and knows what IP address to spoof.)
SECURITY WARNING from Tivoweb readme:
It is a very bad idea to make a tivo IP accessable on the internet. Telnet
has no authentication and a DOS attack can easily crash a tivo. Even IP-based
access control can be bypassed by simple packet forging. TivoWeb-TCL does
provides basic authentication services by setting a username and password in
tivoweb.cfg. If you use this option you should make sure to only allow port
80 through to the tivo from known IPs at the router/firewall level. That is
probably sufficient protection for tivoweb. However a much better option is
to use apache (or IIS) as an authenticating proxy to your tivo. Below are
instructions on how to set that up. And an SSL authenticating proxy is even
better but can be difficult to setup depending on the OS/distribution used.
Corrections or updates for this page:
Note: Do not post questions, unrelated comments, or information of which your are uncertain. This section is reserved for corrections and updates only.
