> On Thu, 2020-02-13 at 14:59 +0000, user wrote: > > Philipp Schafft, who allow you to publish my private message? > > I could also ask who allowed you to send me unwanted private messages?At this point any message from Philipp Schafft to me becomes absolutely unwanted.> In fact I did not notice it was sent privately until after my reply. ItNotice can be found on third string of the quoted header. There is no other recipients, only Philipp Schafft, who trying to talk about security, but does not respect privacy as we see now. Date: Tue, 11 Feb 2020 From: user <5f787a at ...> To: Philipp Schafft <lion at lion.leol...> Subject: Re: [Icecast] admin console > Good evening, > > On Thu, 2020-02-06 at 19:20 +0000, user wrote: > > 2020-01-08 09:59, Marvin Scholz wrote: > > > >> On Mon, 2020-01-06 at 10:24 +0000, user wrote: > > > > > > > > I'm consider to put icecast behind reverse proxy. It is not so easy > > > > as I think before. Does anyone have experience with it? > > > > > > In general putting Icecast behind a reverse proxy is not the best idea > > > as some webservers are not really made out of the box to easily deal > > > with the kind of usage Icecast will usually produce (long running > > > connections serving a continuous stream). Additionally Icecast is not > > > really capable currently do deal with being reverse-proxied properly > > > so some things will break when doing that. > > > > > > So unless you want to shoot yourself in the foot and run into various > > > issues I would not recommend to do it. > > > > Expectation on malicious activity force me to put icecast behind reverse > > proxy. It was not easy, but works very well. > > So, what kind of "malicious activity" exactly? And what exact HTTP level > software is more robust against those activities than Icecast? > > I'm fully in support that active components on lower levels can be helpful > in some situations. But I would love to hear about any analysis indicating > specific request patterns that would be better handled by external > software. If you would share your information rather than keeping us in > the dark about specifics it would enable us to improve Icecast for all > users including you. :) > > With best regards, 1. First of all I would like to deny access to everything except ...
Marvin Scholz
2020-Feb-14 14:53 UTC
[Icecast] Why I responded publicly [WAS: admin console]
On 14 Feb 2020, at 9:40, user wrote:>> On Thu, 2020-02-13 at 14:59 +0000, user wrote: >>> Philipp Schafft, who allow you to publish my private message? >> >> I could also ask who allowed you to send me unwanted private >> messages? > > At this point any message from Philipp Schafft to me becomes > absolutely > unwanted. > >> In fact I did not notice it was sent privately until after my reply. >> It > > Notice can be found on third string of the quoted header. There is no > other > recipients, only Philipp Schafft, who trying to talk about security, > but > does not respect privacy as we see now. > > Date: Tue, 11 Feb 2020 > From: user <5f787a at ...> > To: Philipp Schafft <lion at lion.leol...> > Subject: Re: [Icecast] admin console >Sorry but did you only came to this ML to troll? If so, please do that somewhere else. Claiming you reverse proxy Icecast for „security reasons“ you fail to further detail and then when asked about your reverse proxy setup refuse to give any information whatsoever and just replied „No“ is just quite a troll behavior. If you are not interested in helping improving things, discuss things publicly and help others out, I don’t really see why you even write to this list at all.>> Good evening, >> >> On Thu, 2020-02-06 at 19:20 +0000, user wrote: >>> 2020-01-08 09:59, Marvin Scholz wrote: >>>>>> On Mon, 2020-01-06 at 10:24 +0000, user wrote: >>>>> >>>>> I'm consider to put icecast behind reverse proxy. It is not so >>>>> easy >>>>> as I think before. Does anyone have experience with it? >>>> >>>> In general putting Icecast behind a reverse proxy is not the best >>>> idea >>>> as some webservers are not really made out of the box to easily >>>> deal >>>> with the kind of usage Icecast will usually produce (long running >>>> connections serving a continuous stream). Additionally Icecast is >>>> not >>>> really capable currently do deal with being reverse-proxied >>>> properly >>>> so some things will break when doing that. >>>> >>>> So unless you want to shoot yourself in the foot and run into >>>> various >>>> issues I would not recommend to do it. >>> >>> Expectation on malicious activity force me to put icecast behind >>> reverse >>> proxy. It was not easy, but works very well. >> >> So, what kind of "malicious activity" exactly? And what exact HTTP >> level >> software is more robust against those activities than Icecast? >> >> I'm fully in support that active components on lower levels can be >> helpful >> in some situations. But I would love to hear about any analysis >> indicating >> specific request patterns that would be better handled by external >> software. If you would share your information rather than keeping us >> in >> the dark about specifics it would enable us to improve Icecast for >> all >> users including you. :) >> >> With best regards, > > 1. First of all I would like to deny access to everything except > ...