 |
Lighthouse – Networking made easyNormally: $12.99 ZOT Price: $8.99 |
| Click to MacZOT |
|
|
|
|
;)
Lighthouse Makes Networking A Snap!Today on macZOT we are featuring a program that will take care of your networking needs with simplicity and ease. Because networking can be difficult, Georg at Codelaide created Lighthouse to help us all figure this whole router business out. Actually we don’t have to figure anything out. He did it for us! Does this sound familiar? You’ve got a router providing you with a wireless network everywhere in your house, but file sharing programs won’t work properly. You can’t show a web app you are working on to a client because they can’t connect to Apache on your Mac with their browser. Or you cannot connect to your Mac at home from work via FTP, SSH or VNC. The problem is that if you are using a router, other computers cannot connect directly to your Mac. What you need are port forwardings. And Lighthouse is the simplest way to manage them. With Lighthouse, you can organize port forwardings into profiles that can be started and stopped dynamically, even automatically when you launch the application that relies on a particular profile. Other features include:
Lighthouse makes the whole fuss about port forwardings a lot easier to handle.Here are just a few of the advantages of using Lighthouse.
If you’ve ever had networking woes, give Lighthouse a try! More information is available at Codelaide.com! Requirements: MacOSX 10.4 or later, UPnP or NAT/PMP enabled router |
April 4th, 2007 at 11:01 pm
Excellent app… give it a try! Definitely a great deal at the Zot price.
April 4th, 2007 at 11:38 pm
I am extremely tempted to buy this… Ill wait until tomorrow to see if a zotgeist appears before I do. Always good to save at least a little dough for the next zot! :)
April 5th, 2007 at 12:29 am
Agreed, this is a killer app. The developer is also extremely responsive.
April 5th, 2007 at 1:33 am
What’s a zotgeist?
April 5th, 2007 at 6:30 am
How does this work “Doesn’t require administrative access to the router” – if UPnP is not enabled on the router, don’t you need administrative access to turn it on first?
April 5th, 2007 at 6:35 am
I dont know about the apple base station but you dont need administrative rights to change settings on third party routers. Just the login name and password of the router.
April 5th, 2007 at 6:38 am
Oh, bad, bad idea. Please don’t go spreading the idea that upnp is a good idea. Why it’s enabled by default on most of today’s routers is beyond me…
Granted, it’s less of an issue here than in the Windows world, but it’s still such an enormous glaring security hole.
April 5th, 2007 at 6:38 am
“Just the login name and password of the router.” – To me that means administrative rights.
April 5th, 2007 at 7:37 am
@Lee
The name and password of the router is used to access it from your browser by entering the ip address. Usually 192.168.0.1 or 192.168.1.1
You do not need admin rights on the mac you are accessing the router from.
@Attabui
I agree that turning on upnp is normaly not recomended but if you are someone who needs the ease of this software as opposed to manual configuration of the router the this makes it more secure as the port forwarding is only enabled while needed then disabled when not.
April 5th, 2007 at 8:23 am
@Kevin
@Attabui
Hmmm… so does this leave me more vulnerable? Im don’t know a lot about networking and I had everything setup in my router for things like ARD and Growl, but this makes it a whole lot easier to turn on the other services that I turn on periodically, like ftp, http, ssh, etc So is this a good thing or bad thing?
@Kevin
I had no problems with my Apple Base Station, but I don’t know if that’s because I am an administrator, but it should have asked me if there was going to be a problem with it.. so I would say the ABS is all good.
@Sanjay Mehta
Long time ago, many of us bought into a “special” club that got us a little better deal at times. So not a big deal.. and it might have been worth it.. Im not sure if the money I saved compared to the money I spent made it worth it, but anyways, they’ll probably have another call for zotgeist members again in the future.
April 5th, 2007 at 9:44 am
@Rick Baskett,
Thanks. I was hoping it was something which would let me backorder offers I’d missed. Is there such a “Zot?”
April 5th, 2007 at 9:46 am
@Sanjay
You can know by logging into your account and if it says Zotgeist then you click on it and on the resulting page will be the discount. Otherwise if you do not see the link then I would say bite at the next Zotgeist offer! :)
April 5th, 2007 at 12:07 pm
Hey, I just wanted to answer the two questions that have cropped up here…
1) By “you don’t need administrative access to the router”, I meant that you do not need any router administration credentials in case that UPnP or NAT/PMP is already activated in the router. In recent Apple routers, NAT/PMP is on by default, and UPnP is enabled in the default configuration of most recent third-party routers.
If either is available and enabled, you can use Lighthouse at a friend’s house, for example, without knowing the password to their router.
It is, however, true that you need the router password to enable UPnP in the first place, that is, if it’s not already enabled by default.
2) UPnP does not pose “an enormous glaring security hole” in itself: It does *not* provide for anything that a *remote* attacker could exploit, that is, other than the port forwarding itself. However, you want the ports to be open in the first place in order to use the file sharing program (or other program) that relies on them. In this case, Lighthouse is actually safer since you can easily turn the forwarding off if you don’t need it anymore.
For example, in Rick’s case, he’s more secure using Lighthouse than using static port forwardings because he can completely turn off remote http/ftp/ssh access if he doesn’t need it for the moment. Static mappings are always active, meaning that his ftp/http/ssh servers are reachable *at all times*.
The only case were UPnP can be considered a security risk is when you have untrusted people on your local network, because in this case, they could install a port forwarding to access your network from their home. This means that only internal, not external users (from the internet) can use UPnP to do something evil.
However, if you’re in a small business office or at home, where you know the other users and trust them, UPnP doesn’t pose a security risk (well, not more than the Finder, since it could also be abused to delete files on your hard disk).
UPnP does *not* create a *remote* attack vector in itself.
I hope this clears up the questions. Happy zotting!
April 5th, 2007 at 12:38 pm
Thanks Georg, you’ve sold me! :)
April 5th, 2007 at 2:16 pm
I’m no security expert by any stretch, but I’ve heard Steve Gibson, grc.com, say to never have UPnP enabled. That was my first thought when I saw that. Is the developer saying that with this software, having UPnP enabled is infact a safe thing? That’s the first thing I do (dis-able it) when I install a new router for myself or someone else. So, if I’m the only who has access to my network, UPnP isn’t a security issue? That’s news to me if that’s the case.
Thanks
April 5th, 2007 at 2:33 pm
I could only get Lighthouse working once with a Linksys WRT54GS and latest generic firmware. It successfully opened the ssh port when starting the ssh profile, but generated an error when I stopped the profile it although the port was disabled. I’m still able to access the router from a web browser but Lighthouse just times out (even after multiple restarts). I haven’t tried restarting the router yet and obviously that would be an impractical workaround every time I wanted to use Lighthouse.
I’m still unsure about UPnP security concerns, too. I had it disabled before testing Lighthouse, which didn’t seem to have any negative impact networking applications I normally use.
Btw, love that icon-to-menubar animation when Lighthouse launches.
April 5th, 2007 at 2:47 pm
harringg, Steve Gibson is not saying that UPnP in itself is dangerous, but that a version of Windows included an *implementation* of UPnP that was buggy in a way that it allowed for remote code execution. This has nothing to do with UPnP as a protocol, the problem was a bug in the Windows-specific implementation.
Also, what he refers to is shutting off UPnP services in Windows XP, not in the router.
The full article is here: http://www.grc.com/unpnp/unpnp.htm
April 5th, 2007 at 2:55 pm
Thanks for the addition UPnP info, Georg!
April 6th, 2007 at 10:43 am
Is this registration code right? It’s several hundred characters long…. talk about security :)
April 17th, 2007 at 7:28 pm
This is a great app and is *extremely* well supported by the developer. It didn’t work due to a bug in my Netgear dg834 router, and within hours I received a solution from Georg himself.
Well worth the full price.
October 25th, 2007 at 1:04 pm
Hi
Does the absence of a ‘Buy’ button mean it’s no longer available through macZOT?
(First-time almost-purchaser)
October 27th, 2007 at 9:33 pm
Huh?