[Icecast] Protect Icecast Admin/Run on different port?

David Farrell david at david-farrell.net
Wed Apr 3 07:08:04 UTC 2013


On 3 April 2013 02:19, Philipp Schafft <lion at lion.leolix.org> wrote:

> reflum,
>
> On Thu, 2013-03-28 at 14:28 +0000, David Farrell wrote:
> > Hi list,
> >
> > We're new to Icecast and we're looking at securing the admin functions.
> > I've trawled the docs but it's not clear to me if we are able to run
> > this on a different TCP port to the streams themselves.
> >
> > Has anyone with a little more experience any insight into this?
>
> Hi Philipp,

Thanks for your reply.


> You can not run the admin interface on a diffrent port.
> I also don't see how that should improve security.
>
> We would not expose the administrative port to the world, rather to a
range of trusted IP addresses.


> Which kind of attac do you try to protect against? Maybe I can help you
> if you tell a bit more about your overall goal.
>
> The goal is just really to restrict administrative access to the systems.


> In general: Use strong passwords. Avoid sending them in plain text.
>

That is a given, I have yet to investigate what external AAA resources we
can use in this case e.g. RADIUS, LDAP.

David.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20130403/8f3a04d3/attachment.htm>


More information about the Icecast mailing list