PDA

View Full Version : I can't use "Add/Remove Programs" need another route to install Personal Web Server!


Kaiser Tang
06/07/2007, 10:52 AM
My only computer is my laptop which comes from my company. They have disabled the "Add/Remove Programs" feature. How can I install "Internet Information Services or Personal Web Server" on Windows XP so that I can connect to my AC III over the internet through AquaNotes 3.4?

Lutefisk
06/07/2007, 11:07 AM
I might be missing something here.

I'm assuming that you want to connect to your ACIII from a remote location.

You can do that two ways:
1) You can use port forwarding on your router (assuming you have one) to make the ACIII's internal webserver accessible from the internet. (Be sure to setup a good password and login name) This is probably the most common method but does expose your ACIII to the possibility of people breaking in and destroying your reef - e.g. setting temp too high or too low.

2) You can install the IIS or Personal Web Server on your home computer that is also running AquaNotes.

Unless I'm misunderstanding something you don't need to install those programs on the computer that you are using to remotely access your ACIII.


Paul

Captain Quirk
06/07/2007, 11:18 AM
That was my take on this, as well.

He doesn't need anything installed on the laptop but an internet browser.

Port forwarding (for Pete's sake DON'T forward from 80! Choose a different port!) and a good username/password makes perfect sense here.

I'd stay a mile away from setting up IIS on the home PC. Keeping IIS secure is a full time job for some of us...

Kaiser Tang
06/07/2007, 11:58 AM
OK, this is what I want to do. I have already establish the internet connection to my AC III through my router. I can access my AC III online. Now I want to use the AquaNotes. I do I set that up? Do I need the IIS if I have already established the interntet connection?

Lutefisk
06/07/2007, 12:24 PM
<a href=showthread.php?s=&postid=10096533#post10096533 target=_blank>Originally posted</a> by Kaiser Tang
OK, this is what I want to do. I have already establish the internet connection to my AC III through my router. I can access my AC III online. Now I want to use the AquaNotes. I do I set that up? Do I need the IIS if I have already established the interntet connection?

That should be possible but I haven't heard of anyone doing it.

You would need to find out what ports and protocols AquaNotes uses in communicating with the ACIII and do a little port forwarding footwork with your router. I thought I heard something about it using telenet which I think is typically port 23. One way to figure out would be to watch your router's status screens while AquaNotes is updating from the ACIII.

Neptune has been a little quiet about the protocol and commands AquaNotes uses because they don't want to deal with the aftermath of people shooting themselves in the foot.

Hopefully someone already has the info and could post it.

Regardless, you shouldn't need IIS.

Paul

Kaiser Tang
06/07/2007, 12:45 PM
I have XP Pro, so, I have IIS. I just need to know how to install it without going through "Add/Remove Programs"

Lutefisk
06/07/2007, 03:16 PM
I was assuming that you just wanted to run AquaNotes from a remote location. If that is true then you don't need IIS.

Do you want to run both AquaNotes with a webserver from a remote location? Are you sure you need a webserver? With a locked-down computer I personally don't have any good ideas.

Kaiser Tang
06/07/2007, 05:43 PM
All I want is to access my AC III from any location away from home using the AquaNotes program.

clp
06/07/2007, 06:18 PM
Then all you need to do is setup your router to pass tcp port 23 to the AquaController's IP address. Then put WAN ip address into the config tab of the tank database window, and AquaNotes will then be able to connect over the internet to your controller.

Curt

Kaiser Tang
06/07/2007, 07:29 PM
Do I have to change the http port on the AC III?

Lutefisk
06/08/2007, 08:07 AM
<a href=showthread.php?s=&postid=10099599#post10099599 target=_blank>Originally posted</a> by Kaiser Tang
Do I have to change the http port on the AC III?

I can't think of any reason why you would have to do that.

I think someone suggested using the port fowarding configuration on your router to map a port other than 80 to port 80 on your ACIII.

The idea is that someone is running a port-scanner on your IP address that they are less likely to discover that you are hosting a web server (which might make you a likely candidate for hacking).

Paul

Kaiser Tang
06/08/2007, 09:11 AM
OK, so help me fill in this screen. This is where I would map the route on my router.

http://www.kaiserreefworks.com/pictures/image004.jpg

Kaiser Tang
06/08/2007, 09:16 AM
Specifically, "Port (or Range)" and "Map to Host Port". I'm guessing that is should be "From: 23 To: 80" for the "Port (or Range) and "23" for "Map to Host Port"?????

Lutefisk
06/08/2007, 09:33 AM
Let's do it plain vanilla to start (I like vanilla). You can change the incoming ports to fool port scanners once you get it working.

I believe this will work. Perhaps someone else can verify it.

Application name: Telnet
Protocol: TCP
Port (or Range): From 23 To: 23
Timeout: Default
Map to Host Port: 23
Application Type: None(Default)

Then do it again for a different application:
Application name: Webserver
Protocol: TCP
Port (or Range): From 80 To: 80
Timeout: Default
Map to Host Port: 80
Application Type: None(Default)


Paul

lvreefer
06/08/2007, 09:49 AM
<a href=showthread.php?s=&postid=10102891#post10102891 target=_blank>Originally posted</a> by Lutefisk
Let's do it plain vanilla to start (I like vanilla). You can change the incoming ports to fool port scanners once you get it working.

I believe this will work. Perhaps someone else can verify it.

Application name: Telnet
Protocol: TCP
Port (or Range): From 23 To: 23
Timeout: Default
Map to Host Port: 23
Application Type: None(Default)

Then do it again for a different application:
Application name: Webserver
Protocol: TCP
Port (or Range): From 80 To: 80
Timeout: Default
Map to Host Port: 80
Application Type: None(Default)


Paul
I agree that this is the correct default port use and setup. You might even try changing the Application Type: None(Default) to Application Type: FTP. It might fill in the default settings for this application. Over all it should be the same setup that you used for the http forwarder that we setup. Except use port 23 instead of 80.

lvreefer
06/08/2007, 09:53 AM
As far as the add/remove program question you are probably out of luck. It sounds like they locked it down with a GPO and if done properly, the GPO will uninstall programs that are not approved the next time it connects to the company network. You can hack the admin account but you run the risk of your IT guys finding out.

Kaiser Tang
06/08/2007, 10:18 AM
You guys have been right so far, so I'm sure it will work. I'll give it a shot when I get home this afternoon and let you know what happens. Thanks!

Kaiser Tang
06/08/2007, 07:26 PM
No luck. But I'd willing to be that its a setting in the AquaNotes program that is preventing me from getting through. I'm going to start a new thread or call Neptune Systems to get some help with the program settings.

Lutefisk
06/09/2007, 02:15 PM
Hang in there. You'll get it running.

Paul

nhlives
06/20/2007, 11:49 AM
Personal IIS is considered to be part of the OS. It is installed from the original DVD/CD. Furthermore in addition to a GPO to block Add/Remove Programs, there is a GPO to block the installation of IIS. I would expect that GPO to be in effect also.

While you can hack the OS to remove the effect of the GPO the result may be temporary. As soon as your latop is back on the corporate network and can contact a domain controller, the GPO will be re-instated.