[Icecast] Protect Icecast Admin/Run on different port?
David Farrell
david at david-farrell.net
Wed Apr 3 07:07:32 UTC 2013
On 3 April 2013 02:19, Philipp Schafft <lion at lion.leolix.org> wrote:
> reflum,
>
> On Thu, 2013-03-28 at 14:28 +0000, David Farrell wrote:
> > Hi list,
> >
> > We're new to Icecast and we're looking at securing the admin functions.
> > I've trawled the docs but it's not clear to me if we are able to run
> > this on a different TCP port to the streams themselves.
> >
> > Has anyone with a little more experience any insight into this?
>
> Hi Philipp,
Thanks for your reply.
> You can not run the admin interface on a diffrent port.
> I also don't see how that should improve security.
>
> We would not expose the administrative port to the world, rather to a
range of trusted IP addresses.
> Which kind of attac do you try to protect against? Maybe I can help you
> if you tell a bit more about your overall goal.
>
> The goal is just really to restrict administrative access to the systems.
> In general: Use strong passwords. Avoid sending them in plain text.
>
That is a given, I have yet to investigate what external AAA resources we
can use in this case e.g. RADIUS, LDAP.
David.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.xiph.org/pipermail/icecast/attachments/20130403/ab8490b6/attachment-0001.htm>
More information about the Icecast
mailing list