On Mon Nov 28 19:54:25 GMT 2016, d.lake wrote:
someone has obviously gone out looking for a server
... As someone outside the UK, I can assure you there exist
plenty of sites (yes, many of which Russia based) that perform
port scanning to find vulnerabilities/misconfiguration in UK
based machi
I think what surprises me is that someone has obviously gone out looking for a
server to capture live BBC TV on and spent time/money building THREE servers
with which to do it.
Some people need to get out a little bit more...
And yes, the advice and suggestions here have been very useful indeed
On 28/11/16 13:40, d.l...@surrey.ac.uk wrote:
>
> I run my get_iplayer server on a VPS using a VERY unusual port number. I
> had assumed that would be good enough, but it wasn't.
>
How unusual is 'unusual'?
There's only 65536 to scan :-) Doesn't take long.
Some excellent advice here on
" someone outside the machine is sending requests to that script"
Exactly so, and if they weren't located in Russia, I'd have their guts for
garters.
-Original Message-
From: get_iplayer [mailto:get_iplayer-boun...@lists.infradead.org] On Behalf Of
Jeremy Nicoll - ml gip
Sent: 28 Novemb
On 2016-11-28 16:26, da...@harleystreet.net wrote:
Clearly I have not understood at all.
I thought get_iplayer.cgi was the script which was being accessed by
unauthorised folk and
thus being told to do stuff not desired by you.
If so, then protecting where it is located by .htaccess would surel
On Mon, Nov 28, 2016 at 04:40:53PM +, d.l...@surrey.ac.uk wrote:
>I am sort-of trying to protect the port, but given that I access my server
>from a whole heap of locations and I can't say in advance what those source
>IPs will be, it will make it all rather cumbersome.
ssh tunnel. Bind the
I think I have no explained it very well at all ...!
Here goes. I run get_iplayer web frontend using the PERL script
(get_iplayer.cgi) which listens on a port (we'll call it 1234) and presents a
nicely formatted web page.
Some 'orrible urchin has discovered that I run get_iplayer on port 1234
Clearly I have not understood at all.
I thought get_iplayer.cgi was the script which was being accessed by
unauthorised folk and
thus being told to do stuff not desired by you.
If so, then protecting where it is located by .htaccess would surely have
worked?
If it is not get_iplayer.cgi which
Noted. Thanks - another good idea :-)
-Original Message-
From: Nigel Taylor [mailto:njtaylor0...@btinternet.com]
Sent: 28 November 2016 14:57
To: Lake D Mr (PG/R - Elec Electronic Eng) ;
da...@harleystreet.net
Cc: get_iplayer@lists.infradead.org
Subject: Re: Get_iplayer is streaming liv
Run get_iplayer.cgi with option -l 127.0.0.1 -p 1935 to only listen on
localhost port 1935.
Set up sshd, to allow port forwarding
then to access get_iplayer web pages.
ssh -f -L 1935:localhost:1935 host
Then just point browser to http://localhost:1935/
ssh should use keys with a passphrase.
Oooh. That is a superb idea.
Makes it nice and easy to secure.
Thanks!
D
-Original Message-
From: get_iplayer [mailto:get_iplayer-boun...@lists.infradead.org] On Behalf Of
Graham Cobb
Sent: 28 November 2016 14:32
To: get_iplayer@lists.infradead.org
Subject: Re: Get_iplayer is streamin
I don't use any standard ports for anything I also only use SSH with a
private cert.
It's running as a VM on a VM which I snapshot daily. If someone breaks in and
breaks it (which they haven't in 5 years), I tear it down and start another.
But yeah - running anything as root is a stupid i
"Am I missing something?"
Sorry, but yes you are.It is not running as a cgi script pulled from a
webpage - it is running as a bit of Perl scripting which just happens to have a
.cgi ending.
So, it is NOT a web-based cgi script which I could protect. It is a Perl
Daemon that runs detached
You protect the directory where the cgi file is located and then folk can't run
it because
they can't access it.
Am I missing something?
> Correct, but that is not how the cgi script runs. It is not a regular
> Apache/HTTPD cgi-bin
>
> It runs as a Daemon. It doesn't read from a directory so
On 28/11/16 14:01, Nick wrote:
> On Mon, 28 Nov 2016 12:40:58 +
> wrote:
>> Because I spend a lot of my time travelling, all my music and radio
>> downloads are stored on a cloud VPS server. I can't really block
>> down by IP address because I don't really know where I'll be
>> connecting fr
Correct, but that is not how the cgi script runs. It is not a regular
Apache/HTTPD cgi-bin
It runs as a Daemon. It doesn't read from a directory so it won't pick up any
htaccess/htpassword.
I think I need to put a password module into the cgi script.
David
-Original Message-
From: d
I don't understand the problem.
As explained at the url I gave...
A typical .htaccess file looks like the following:
AuthUserFile /path/to/.htpasswd
AuthType Basic
AuthName "My restricted Area"
Require valid-user
Then your .htpasswd is placed at the location referenced above.
> Yes, but that
Yes, but that is for Apache, isn't it?
I thought that get_iplayer.cgi ran as a Daemon (written in Perl). How do I
apply standard htaccess to that ?
Please excuse me if I'm being a little thick today (or at least more than
usual).
-Original Message-
From: da...@harleystreet.net [mailt
On Mon, 28 Nov 2016 12:40:58 +
wrote:
> I suspect the aim is to stream BBC TV programmes from outside the
> UK...
>
> I run my get_iplayer server on a VPS using a VERY unusual port
> number. I had assumed that would be good enough, but it wasn't.
>
> Because I spend a lot of my time trave
> The answer is going to be some .htaccess-like username/password.
It's pretty simple to create a password file using something like this...
http://www.web2generators.com/apache-tools/htpasswd-generator
___
get_iplayer mailing list
get_iplayer@lists.
Unfortunately, as I don't know where in the world I'll be connecting from, it
does have to be available to the world
VPN is fine, but I'm usually VPN-ed in already to work and VPN-over-VPN is not
do-able. Also, not everywhere allows VPN or performance tanks.
The answer is going to be some
I suspect the aim is to stream BBC TV programmes from outside the UK...
I run my get_iplayer server on a VPS using a VERY unusual port number. I had
assumed that would be good enough, but it wasn't.
Because I spend a lot of my time travelling, all my music and radio downloads
are stored on a
On 2016-11-28 12:17, d.l...@surrey.ac.uk wrote:
Mystery solved.
Someone somewhere has set up a site which accesses my get_iplayer cgi
script and kicks off downloading from live TV.
With what aim - just to slow your machine down? (It's hard to believe
that
such a person would be a closet cbb
On Mon, Nov 28, 2016 at 12:17:30PM +, d.l...@surrey.ac.uk wrote:
>Now, does anyone know how to password protect the CGI script ? I don't
>think I can do this with normal .htacess
Um, don't expose your web server to the world?
If you need to get at it from outside, use a VPN.
___
Mystery solved.
Someone somewhere has set up a site which accesses my get_iplayer cgi script
and kicks off downloading from live TV.
NICE.
Now, does anyone know how to password protect the CGI script ? I don't
think I can do this with normal .htacess
Thanks
David
-Original Message--
On 2016-11-28 10:08, d.l...@surrey.ac.uk wrote:
export IPLAYER_OUTDIR=/home/Media/iPlayer
/usr/bin/perl /root/get_iplayer_dev/get_iplayer/get_iplayer.cgi
--port=8080 --getiplayer=/root/get_iplayer_dev/get_iplayer/get_iplayer
... to start get_iplayer
Where do I look for an options file? I have
On 24/11/16 09:17, Roger Bell_West wrote:
On Thu, Nov 24, 2016 at 08:47:20AM +, Budge wrote:
pvrsearch = The_Now_Show
search0 = The Now Show
type = radio
My question, why does the pvr item no longer work. What has changed?
I don't know, but my PVR file:
metadata generic
export IPLAYER_OUTDIR=/home/Media/iPlayer
/usr/bin/perl /root/get_iplayer_dev/get_iplayer/get_iplayer.cgi --port=8080
--getiplayer=/root/get_iplayer_dev/get_iplayer/get_iplayer
... to start get_iplayer
Where do I look for an options file? I have nothing in the PVR and no
streaming set-up as fa
On 2016-11-28 09:11, d.l...@surrey.ac.uk wrote:
Hello
I have a very strange problem with get_iplayer.
When I start get_iplayer, it immediately connects to a whole range of
TV channels and starts downloading live video from a range of
channels. This is eating my bandwidth and I really don't wa
Hello
I have a very strange problem with get_iplayer.
When I start get_iplayer, it immediately connects to a whole range of TV
channels and starts downloading live video from a range of channels. This is
eating my bandwidth and I really don't want it happening !
Any idea?
Thanks
David
Exa
30 matches
Mail list logo