PDA

View Full Version : Remote Streaming - Security?



Milan
2004-09-10, 03:24
So.... even if I restrict by IP, and password-protect SlimServer, I'm still
asking for trouble? If so that's a shame - port-forwarding using ssh sounds
beyond me!

-----Original Message-----
From: discuss-bounces (AT) lists (DOT) slimdevices.com
[mailto:discuss-bounces (AT) lists (DOT) slimdevices.com] On Behalf Of David Brittain
Sent: 10 September 2004 11:16
To: Slim Devices Discussion
Subject: [slim] Remote Streaming - Security?

I would suspect it is a big risk. AFAIK slimserver has not been audited from
a security point of view.

I use ssh and port-forward 9000.

Dave

Milan wrote:

> Hi,
>
> I'm considering opening port 9000 on my firewall to allow remote
> streaming, so I can listen to music at work. How much of a security
> risk is this?
>
> Cheers,
>
> bub.
>
>-----------------------------------------------------------------------
>-
>
>

David Brittain
2004-09-10, 04:50
I would have thought restricting to an IP address will help - as long
you trust everyone you work with ;). Although I am not an expert.

Dave

Milan wrote:

>So.... even if I restrict by IP, and password-protect SlimServer, I'm still
>asking for trouble? If so that's a shame - port-forwarding using ssh sounds
>beyond me!
>
>
>

Torgeir Veimo
2004-09-10, 05:01
On Fri, 2004-09-10 at 12:50 +0100, David Brittain wrote:
> I would have thought restricting to an IP address will help - as long
> you trust everyone you work with ;). Although I am not an expert.
>
> Dave
>
> Milan wrote:
>
> >So.... even if I restrict by IP, and password-protect SlimServer, I'm
> still
> >asking for trouble? If so that's a shame - port-forwarding using ssh
> sounds
> >beyond me!

It's not that hard. If you use linux at work, try running ssh like

ssh -f -L9000:127.0.0.1:9000 username@machinename tail -f /dev/null

and then connect to your local machine at port 9000.

--
Torgeir Veimo <torgeir (AT) pobox (DOT) com>

Jason Holtzapple
2004-09-10, 07:19
If you are going to use ssh, I recommend softsqueeze.

Softsqueeze has built-in ssh support so it is really easy. You just
need an ssh server running on the same box as your slimserver. See
the instructions on softsqueeze's web page for more info.

Torgeir Veimo wrote:
> On Fri, 2004-09-10 at 12:50 +0100, David Brittain wrote:
>
>>I would have thought restricting to an IP address will help - as long
>>you trust everyone you work with ;). Although I am not an expert.
>>
>>Dave
>>
>>Milan wrote:
>>
>>
>>>So.... even if I restrict by IP, and password-protect SlimServer, I'm
>>
>>still
>>
>>>asking for trouble? If so that's a shame - port-forwarding using ssh
>>
>>sounds
>>
>>>beyond me!
>
>
> It's not that hard. If you use linux at work, try running ssh like
>
> ssh -f -L9000:127.0.0.1:9000 username@machinename tail -f /dev/null
>
> and then connect to your local machine at port 9000.

Steve Baumgarten
2004-09-10, 07:21
> It's not that hard. If you use linux at work, try running ssh like
>
> ssh -f -L9000:127.0.0.1:9000 username@machinename tail -f /dev/null
>
> and then connect to your local machine at port 9000.

Of course this assumes you have something listening for ssh connections on
your home machine. Windows users don't, by default, so if you're running
Windows you have to do a little extra work first, i.e., download cygwin
and set up a ssh daemon:

http://www.cygwin.com/

Some how-to guides:

http://www.noah.org/ssh/cygwin-sshd.html
http://weblog.infoworld.com/udell/2003/12/17.html

Or even easier, you can install just the sshd for Windows without having
to bother with the rest of cygwin:

http://sshwindows.sourceforge.net/

I haven't tested this myself so I can't vouch for it. I know that sshd
under cygwin works just fine, though, and is reasonably easy to set up.

SBB

Tim Pozar
2004-09-10, 10:18
This may be a bug reported already as it has been bugging me for some
time. :-)

When I had about 1500 tracks in my library I had no problem with the
slimserver on my box. Once I started to rip my CD library, the
slimserver crashes after scanning about 4500 of my tracks. Any pointers
on this? What log files are needed to diagnose this?

I am currently running my slimserver on a FreeBSD 5.2.1 box.

Thanks...
Tim
--
1978 45th Ave / San Francisco CA 94116 / USA // POTS: +1 415 665 3790
GPG Fingerprint: 4821 CFDA 06E7 49F3 BF05 3F02 11E3 390F 8338 5B04
"Be who you are and say what you feel because the people who mind
don't matter and the people who matter don't mind." - Dr. Seuss

dean
2004-09-10, 21:03
Hi Tim,

When the server crashes, there should be some output in its log file.
If you start the server from the command line, you should see that
output right there.
Try that and let us know what you see.

-dean

On Sep 10, 2004, at 10:18 AM, Tim Pozar wrote:

> This may be a bug reported already as it has been bugging me for some
> time. :-)
>
> When I had about 1500 tracks in my library I had no problem with the
> slimserver on my box. Once I started to rip my CD library, the
> slimserver crashes after scanning about 4500 of my tracks. Any
> pointers on this? What log files are needed to diagnose this?
>
> I am currently running my slimserver on a FreeBSD 5.2.1 box.
>
> Thanks...
> Tim
> --
> 1978 45th Ave / San Francisco CA 94116 / USA // POTS: +1 415 665 3790
> GPG Fingerprint: 4821 CFDA 06E7 49F3 BF05 3F02 11E3 390F 8338 5B04
> "Be who you are and say what you feel because the people who mind
> don't matter and the people who matter don't mind." - Dr. Seuss
> <pozar.vcf>

Tim Pozar
2004-09-10, 22:31
dean blackketter wrote:
From /var/log/slimserver.log...
frame 0: Slim::Music::Info::updateCacheEntry
(/usr/local/slimserver/Slim/Music/Info.pm line 553)
frame 1: Slim::Music::Info::markAsScanned
(/usr/local/slimserver/Slim/Utils/Scan.pm line 451)
frame 2: Slim::Utils::Scan::readList
(/usr/local/slimserver/Slim/Utils/Scan.pm line 124)
frame 3: Slim::Utils::Scan::addToList
(/usr/local/slimserver/Slim/Control/Command.pm line 380)
frame 4: Slim::Control::Command::execute
(/usr/local/slimserver/Plugins/ShoutcastBrowser.pm line 1063)
frame 5: Plugins::ShoutcastBrowser::__ANON__
(/usr/local/slimserver/Slim/Hardware/IR.pm line 545)
frame 6: Slim::Hardware::IR::executeButton
(/usr/local/slimserver/Slim/Control/Command.pm line 207)
frame 7: Slim::Control::Command::execute
(/usr/local/slimserver/Slim/Hardware/IR.pm line 569)
frame 8: Slim::Hardware::IR::processCode
(/usr/local/slimserver/Slim/Hardware/IR.pm line 429)
frame 9: Slim::Hardware::IR::releaseCode
(/usr/local/slimserver/Slim/Hardware/IR.pm line 327)
frame 10: Slim::Hardware::IR::checkRelease
(/usr/local/slimserver/Slim/Utils/Timers.pm line 52)
frame 11: Slim::Utils::Timers::checkTimers
(/usr/local/slimserver/slimserver.pl line 396)
frame 12: main::idle (/usr/local/slimserver/slimserver.pl line 366)
frame 13: main::main (/usr/local/slimserver/slimserver.pl line 823)

print() on closed filehandle Symbol::GEN37 at
/usr/local/lib/perl5/5.6.1/mach/IO/Handle.pm line 394.
print() on closed filehandle Symbol::GEN37 at
/usr/local/lib/perl5/5.6.1/mach/IO/Handle.pm line 394.
print() on closed filehandle Symbol::GEN37 at
/usr/local/lib/perl5/5.6.1/mach/IO/Handle.pm line 394.
Can't locate object method "offset" via package "Audio::Wav::Read"
(perhaps you forgot to load "Audio::Wav::Read"?) at
/usr/local/slimserver/Slim/Formats/Wav.pm line 53.
Can't locate object method "offset" via package "Audio::Wav::Read"
(perhaps you forgot to load "Audio::Wav::Read"?) at
/usr/local/slimserver/Slim/Formats/Wav.pm line 53.
Can't locate object method "offset" via package "Audio::Wav::Read"
(perhaps you forgot to load "Audio::Wav::Read"?) at
/usr/local/slimserver/Slim/Formats/Wav.pm line 53.
Can't locate object method "offset" via package "Audio::Wav::Read"
(perhaps you forgot to load "Audio::Wav::Read"?) at
/usr/local/slimserver/Slim/Formats/Wav.pm line 53.

This is using the slimserver in /usr/ports/audio/slimserver/ which is
5.2.1. I also had this problem with 5.1.x.

Thanks...
Tim

> Hi Tim,
>
> When the server crashes, there should be some output in its log file.
> If you start the server from the command line, you should see that
> output right there.
> Try that and let us know what you see.
>
> -dean
>
> On Sep 10, 2004, at 10:18 AM, Tim Pozar wrote:
>
>> This may be a bug reported already as it has been bugging me for some
>> time. :-)
>>
>> When I had about 1500 tracks in my library I had no problem with the
>> slimserver on my box. Once I started to rip my CD library, the
>> slimserver crashes after scanning about 4500 of my tracks. Any
>> pointers on this? What log files are needed to diagnose this?
>>
>> I am currently running my slimserver on a FreeBSD 5.2.1 box.
>>
>> Thanks...
>> Tim
>> --
>> 1978 45th Ave / San Francisco CA 94116 / USA // POTS: +1 415 665 3790
>> GPG Fingerprint: 4821 CFDA 06E7 49F3 BF05 3F02 11E3 390F 8338 5B04
>> "Be who you are and say what you feel because the people who mind
>> don't matter and the people who matter don't mind." - Dr. Seuss
>> <pozar.vcf>

dean
2004-09-11, 00:19
It looks to be failing while scanning a WAV file in your library. I
think that this might be a problem due to the BSD port using an
external version of the CPAN Audio::Wav library rather than the one
that comes with SlimServer.

I don't have a BSD system here to check this on. Does anybody who's
familiar with the BSD port see this?

-dean

On Sep 10, 2004, at 10:31 PM, Tim Pozar wrote:

> dean blackketter wrote:
> From /var/log/slimserver.log...
> frame 0: Slim::Music::Info::updateCacheEntry
> (/usr/local/slimserver/Slim/Music/Info.pm line 553)
> frame 1: Slim::Music::Info::markAsScanned
> (/usr/local/slimserver/Slim/Utils/Scan.pm line 451)
> frame 2: Slim::Utils::Scan::readList
> (/usr/local/slimserver/Slim/Utils/Scan.pm line 124)
> frame 3: Slim::Utils::Scan::addToList
> (/usr/local/slimserver/Slim/Control/Command.pm line 380)
> frame 4: Slim::Control::Command::execute
> (/usr/local/slimserver/Plugins/ShoutcastBrowser.pm line 1063)
> frame 5: Plugins::ShoutcastBrowser::__ANON__
> (/usr/local/slimserver/Slim/Hardware/IR.pm line 545)
> frame 6: Slim::Hardware::IR::executeButton
> (/usr/local/slimserver/Slim/Control/Command.pm line 207)
> frame 7: Slim::Control::Command::execute
> (/usr/local/slimserver/Slim/Hardware/IR.pm line 569)
> frame 8: Slim::Hardware::IR::processCode
> (/usr/local/slimserver/Slim/Hardware/IR.pm line 429)
> frame 9: Slim::Hardware::IR::releaseCode
> (/usr/local/slimserver/Slim/Hardware/IR.pm line 327)
> frame 10: Slim::Hardware::IR::checkRelease
> (/usr/local/slimserver/Slim/Utils/Timers.pm line 52)
> frame 11: Slim::Utils::Timers::checkTimers
> (/usr/local/slimserver/slimserver.pl line 396)
> frame 12: main::idle (/usr/local/slimserver/slimserver.pl line 366)
> frame 13: main::main (/usr/local/slimserver/slimserver.pl line 823)
>
> print() on closed filehandle Symbol::GEN37 at
> /usr/local/lib/perl5/5.6.1/mach/IO/Handle.pm line 394.
> print() on closed filehandle Symbol::GEN37 at
> /usr/local/lib/perl5/5.6.1/mach/IO/Handle.pm line 394.
> print() on closed filehandle Symbol::GEN37 at
> /usr/local/lib/perl5/5.6.1/mach/IO/Handle.pm line 394.
> Can't locate object method "offset" via package "Audio::Wav::Read"
> (perhaps you forgot to load "Audio::Wav::Read"?) at
> /usr/local/slimserver/Slim/Formats/Wav.pm line 53.
> Can't locate object method "offset" via package "Audio::Wav::Read"
> (perhaps you forgot to load "Audio::Wav::Read"?) at
> /usr/local/slimserver/Slim/Formats/Wav.pm line 53.
> Can't locate object method "offset" via package "Audio::Wav::Read"
> (perhaps you forgot to load "Audio::Wav::Read"?) at
> /usr/local/slimserver/Slim/Formats/Wav.pm line 53.
> Can't locate object method "offset" via package "Audio::Wav::Read"
> (perhaps you forgot to load "Audio::Wav::Read"?) at
> /usr/local/slimserver/Slim/Formats/Wav.pm line 53.
>
> This is using the slimserver in /usr/ports/audio/slimserver/ which is
> 5.2.1. I also had this problem with 5.1.x.
>
> Thanks...
> Tim
>
>> Hi Tim,
>> When the server crashes, there should be some output in its log file.
>> If you start the server from the command line, you should see that
>> output right there.
>> Try that and let us know what you see.
>> -dean
>> On Sep 10, 2004, at 10:18 AM, Tim Pozar wrote:
>>> This may be a bug reported already as it has been bugging me for
>>> some time. :-)
>>>
>>> When I had about 1500 tracks in my library I had no problem with the
>>> slimserver on my box. Once I started to rip my CD library, the
>>> slimserver crashes after scanning about 4500 of my tracks. Any
>>> pointers on this? What log files are needed to diagnose this?
>>>
>>> I am currently running my slimserver on a FreeBSD 5.2.1 box.
>>>
>>> Thanks...
>>> Tim
>>> --
>>> 1978 45th Ave / San Francisco CA 94116 / USA // POTS: +1 415 665 3790
>>> GPG Fingerprint: 4821 CFDA 06E7 49F3 BF05 3F02 11E3 390F 8338 5B04
>>> "Be who you are and say what you feel because the people who mind
>>> don't matter and the people who matter don't mind." - Dr. Seuss
>>> <pozar.vcf>

Tim Pozar
2004-09-22, 09:56
On Sat, Sep 11, 2004 at 12:19:51AM -0700, dean blackketter wrote:
> It looks to be failing while scanning a WAV file in your library. I
> think that this might be a problem due to the BSD port using an
> external version of the CPAN Audio::Wav library rather than the one
> that comes with SlimServer.
>
> I don't have a BSD system here to check this on. Does anybody who's
> familiar with the BSD port see this?

That seems to be the trick. When I took out the wav files out of
the directory it has been staying up.

Tim