this is interesting, using ws_ftp pro I can create a connection to the hr20-100 by creating a site. site settings are http (not ftp), enter ip address and port # 49152 for server address, I had no passwords so those were blank.

program connects immediately and does show the "/" symbol for root, but so far no visible files showing up.

I am going to tweak my firewalls to make sure i'm not blocking anything, going to try some basic default usernames and password too.
may not lead anywhere but figured I'd mention it.

It is just ws_ftp_pro connection to the http service, like it was designed to.

Next to no chance you will be able to download anything from.
At least nothing of video content, or firmware.

You can telnet to that port too. Doesn't really do anything though.

I just thought it was interesting because prior to enabling ping all attempts (at least on my end) at http or ftp gave server not found error.
thats why I said it probably won't lead anywhere.

It is just ws_ftp_pro connection to the http service, like it was designed to.

Next to no chance you will be able to download anything from.
At least nothing of video content, or firmware.

True, but it's interesting that there's an HTTP service on the box at all. Trying to connect with Firefox returns a properly formatted HTTP/404 error, so it would appear that there is a service that understands HTTP requests.

It begs the question: if there's nothing that can yet be pulled off the box, then why expose the service in the first place?

Most people aren't going to connect their HR2x directly to the Internet -- most will have it behind a router or firewall, so DTV can't reach out and touch the box via the Internet. There's little to no chance that this is just a fluke either since the service understands and responds via HTML, so it's probably put there on purpose. The question is... why?

Brian

trying with ftp with anonymous info immediately brings up incorrect username/password error. trying some generic names takes a few seconds then gives same error, so it appears it is authenticating.
having no idea what a correct username/password here would be I gave up on that route, but it was interesting.

trying with ftp with anonymous info immediately brings up incorrect username/password error. trying some generic names takes a few seconds then gives same error, so it appears it is authenticating.
having no idea what a correct username/password here would be I gave up on that route, but it was interesting.

I don't think you would get anything via FTP. Telnet'ing to the server shows that there's no FTP welcome message or prompt for username or password. I believe that this is an HTTP-only server. I've looked for the normal welcome pages (index.htm(l), welcome.htm(l), etc.) but there's nothing there.

Here's the complete output from the server (request http://addr:49152/):

HTTP/1.1 404 Not Found
SERVER: Linux/2.6.18.8.ltt-Pace-1.109.4.19, UPnP/1.0 DIRECTV VIIV devices /1.0 DLNADOC/1.00 INTEL_NMPR/2.1
CONNECTION: close
CONTENT-LENGTH: 48
CONTENT-TYPE: text/html

<html><body><h1>404 Not Found</h1></body></html>

I had not yet had a chance to try telnet. probably correct that there is nothing there, just playing around with it.

It begs the question: if there's nothing that can yet be pulled off the box, then why expose the service in the first place?

To see if an active HTTP server running on the box causes any other unforeseen issues.

True, but it's interesting that there's an HTTP service on the box at all.This may have something to do with the media sharing features. Any more, the only port that you can have any hope of finding open routinely is port 80.

To see if an active HTTP server running on the box causes any other unforeseen issues.

Could be, but unless that server is active and doing something then it's really not any kind of valid test. The server opens an port and then calls "accept()" -- and then the process waits and does nothing unless someone connects to it.