funsec mailing list archives
[Fwd: Flash Media Servers as Open Proxies]
From: Jon Kibler <Jon.Kibler () aset com>
Date: Thu, 03 Dec 2009 13:14:06 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - From NANOG. Anyone have more details regarding this? Jon - -- Jon R. Kibler Chief Technical Officer Advanced Systems Engineering Technology, Inc. Charleston, SC USA o: 843-849-8214 c: 843-813-2924 s: 843-564-4224 s: JonRKibler e: Jon.Kibler () aset com e: Jon.R.Kibler () gmail com http://www.linkedin.com/in/jonrkibler My PGP Fingerprint is: BAA2 1F2C 5543 5D25 4636 A392 515C 5045 CF39 4253 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.8 (Darwin) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/ iEYEARECAAYFAksX/+4ACgkQUVxQRc85QlOpzwCfY2wm4BC0azZuuyUwT7BSNyWX 2MsAoIiTseb8GQtl4ytQeiXC+fYVdvw6 =Xzpl -----END PGP SIGNATURE-----
--- Begin Message --- From: Marshall Eubanks <tme () americafree tv>
Date: Thu, 3 Dec 2009 12:45:54 -0500
I recently found out that the Adobe Flash Media Server (FMS) can operate "out of the box" as an open proxy, enabling other people to steal server resources and bandwidth. Furthermore, I also found that there is an ecosystem of pirates taking advantage of this "feature" to illegally stream sports events (and maybe other stuff as well). Each event uses multiple (stolen) servers and can amount to thousands of streams and Gbps of consumed bandwidth.I believe but am not 100% sure that there are similar problems with Window Media Servers.I would like to hear (off-list) from people who have experience fighting this so that we couldmaybe pool techniques. I will try to write this up further later. Regards Marshall Eubanks
--- End Message ---
_______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
Current thread:
- [Fwd: Flash Media Servers as Open Proxies] Jon Kibler (Dec 03)