[Icecast] 8000 security risk?

Thomas B. Rücker thomas at ruecker.fi
Fri May 10 08:04:02 UTC 2019


Hi,

On 5/10/19 3:11 AM, Patricia Moynihan wrote:
> Are there any serious security risks for leaving port 8000 open to
> public use on icecast? I had wanted to limit to 8443 but it seems some
> radio devices cannot support this protocol.


The port number doesn't matter. I guess in your case you mean HTTP vs HTTPS.

The proper and terse answer is:

It doesn't matter if you use HTTP or HTTPS as long as you have a secure
configuration including managed and strong (not bruteforceable)
passwords AND you keep your Icecast server up to date wrt security
updates (currently Version 2.4.4).

From my anecdotal knowledge gained over 18 years of involvement in
Icecast, if people would follow the above two, then 99,9% of incidents
would not happen.

The longer answer is that it will also depend on your 'threat model' and
how you rate and address things that you consider 'risks' in this frame
of reference. There is no one-fits-all or immediate answer that fits
into this email.


Hope this helps,

Thomas





More information about the Icecast mailing list