[Icecast] Why I responded publicly [WAS: admin console]

Marvin Scholz epirat07 at gmail.com
Fri Feb 14 14:53:59 UTC 2020 

On 14 Feb 2020, at 9:40, user wrote:

>> On Thu, 2020-02-13 at 14:59 +0000, user wrote:
>>> Philipp Schafft, who allow you to publish my private message?
>>
>> I could also ask who allowed you to send me unwanted private 
>> messages?
>
> At this point any message from Philipp Schafft to me becomes 
> absolutely
> unwanted.
>
>> In fact I did not notice it was sent privately until after my reply. 
>> It
>
> Notice can be found on third string of the quoted header. There is no 
> other
> recipients, only Philipp Schafft, who trying to talk about security, 
> but
> does not respect privacy as we see now.
>
>  Date: Tue, 11 Feb 2020
>  From: user <5f787a at ...>
>  To: Philipp Schafft <lion at lion.leol...>
>  Subject: Re: [Icecast] admin console
>

Sorry but did you only came to this ML to troll? If so, please do that 
somewhere
else.

Claiming you reverse proxy Icecast for „security reasons“ you fail 
to further detail
and then when asked about your reverse proxy setup refuse to give any 
information
whatsoever and just replied „No“ is just quite a troll behavior.

If you are not interested in helping improving things, discuss things 
publicly
and help others out, I don’t really see why you even write to this 
list at all.

>> Good evening,
>>
>> On Thu, 2020-02-06 at 19:20 +0000, user wrote:
>>> 2020-01-08 09:59, Marvin Scholz wrote:
>>>>>> On Mon, 2020-01-06 at 10:24 +0000, user wrote:
>>>>>
>>>>> I'm consider to put icecast behind reverse proxy. It is not so 
>>>>> easy
>>>>> as I think before. Does anyone have experience with it?
>>>>
>>>> In general putting Icecast behind a reverse proxy is not the best 
>>>> idea
>>>> as some webservers are not really made out of the box to easily 
>>>> deal
>>>> with the kind of usage Icecast will usually produce (long running
>>>> connections serving a continuous stream). Additionally Icecast is 
>>>> not
>>>> really capable currently do deal with being reverse-proxied 
>>>> properly
>>>> so some things will break when doing that.
>>>>
>>>> So unless you want to shoot yourself in the foot and run into 
>>>> various
>>>> issues I would not recommend to do it.
>>>
>>> Expectation on malicious activity force me to put icecast behind 
>>> reverse
>>> proxy. It was not easy, but works very well.
>>
>> So, what kind of "malicious activity" exactly? And what exact HTTP 
>> level
>> software is more robust against those activities than Icecast?
>>
>> I'm fully in support that active components on lower levels can be 
>> helpful
>> in some situations. But I would love to hear about any analysis 
>> indicating
>> specific request patterns that would be better handled by external
>> software. If you would share your information rather than keeping us 
>> in
>> the dark about specifics it would enable us to improve Icecast for 
>> all
>> users including you. :)
>>
>> With best regards,
>
>  1. First of all I would like to deny access to everything except
> ...

More information about the Icecast mailing list