PDA

View Full Version : SLiM server hacked?



Mark Palmberg
2005-02-07, 12:18
Turns out it wasn't much of a hack, after all, just a little
(relatively) harmless pranksterism. Someone simply accessed the Web
interface for my player (which was behind my router firewall but not
password protected) and got into the server settings. There, they
added a new entry for the display formatting with the aforementioned
text and selected that option. So all I had to do was delete that
entry.

I've been running a SLiM server for quite a while now (couple years?)
and never had any trouble like this. Yes, I guess I should've had it
password protected. I suspect, as some of you do, that it's no
coincidence this shows up after the Google/Webcam story broke. I
suppose it was only a matter of time.

So, now my server is sitting behind two firewalls and is password
protected. It'd be nice to be able to have the server open for
listening access but be able to password protect access to the server
settings. *shrug*

ron thigpen
2005-02-07, 12:25
Mark Palmberg wrote:

> So, now my server is sitting behind two firewalls and is password
> protected. It'd be nice to be able to have the server open for
> listening access but be able to password protect access to the server
> settings. *shrug*

http://bugs.slimdevices.com/show_bug.cgi?id=437

--rt

Jack Coates
2005-02-07, 12:33
Mark Palmberg wrote:
> Turns out it wasn't much of a hack, after all, just a little
> (relatively) harmless pranksterism. Someone simply accessed the Web
> interface for my player (which was behind my router firewall but not
> password protected) and got into the server settings. There, they
> added a new entry for the display formatting with the aforementioned
> text and selected that option. So all I had to do was delete that
> entry.

Um, if it's behind your router firewall, then how'd they get to it?
Wardriving a wireless connection? Or is Internet access to slimserver
allowed (explicitly, or implicitly via uPNP (turn it off right now, it's
EVIL))?

--
Jack at Monkeynoodle dot Org: It's a Scientific Venture...
Riding the Emergency Third Rail Power Trip since 1996!

Joshua Uziel
2005-02-07, 12:56
* Jack Coates <jack (AT) monkeynoodle (DOT) org> [050207 11:34]:
> Um, if it's behind your router firewall, then how'd they get to it?
> Wardriving a wireless connection? Or is Internet access to slimserver
> allowed (explicitly, or implicitly via uPNP (turn it off right now,
> it's EVIL))?

You can do port forwarding through the firewall to a specific port on a
specific machine on your network.

Jack Coates
2005-02-07, 13:34
Joshua Uziel wrote:
> * Jack Coates <jack (AT) monkeynoodle (DOT) org> [050207 11:34]:
>
>>Um, if it's behind your router firewall, then how'd they get to it?
>>Wardriving a wireless connection? Or is Internet access to slimserver
>>allowed (explicitly, or implicitly via uPNP (turn it off right now,
>>it's EVIL))?
>
>
> You can do port forwarding through the firewall to a specific port on a
> specific machine on your network.

right, which is covered by the explicit part above.

--
Jack at Monkeynoodle dot Org: It's a Scientific Venture...
Riding the Emergency Third Rail Power Trip since 1996!