Mailing List archive


[vdr] Re: Programm VDR over Web



On Wednesday,  3. October 2001 22:47, you wrote:
> gfiala@s.netic.de(Guido Fiala)  03.10.01 20:30
>
> Once upon a time Guido Fiala shaped the electrons to say...
>
> >> Bind the VDR port explicitly to "localhost" (127.0.0.1) or
> >
> >AFAIK, IP-sources can easily be faked - that's not secure :-(
>
> Jepp. But 127.0.0.1 (the whole 127.x.x.x) is (usually ;-),
> better: always) bound to an extra "interface" called "local loop"
> and there is no wire connected to it!
>
> If someone "fakes" 127.0.0.1 as destination he can't get his IP
> out of his machine, and if he routes those packets to his ethernet
> he will never see a response, because every router "short cuts"
> those packets to his local loop interface if any other machine would be
> able to answer. Second, his machine may behave "strange"
> because some internal processes rely on the working of the
> "local loop".

Mmm - makes sense to me. 
So should we make that default ?

The drawback is that you always first have to ssh into the machine and then
can SVDRP to vdr. In local networks someone might be lucky to telnet
directly...

Do you have a patch already?
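
The binding discussed in this thread, as an added example that is not part of the original message or of VDR's code: a TCP listener that takes its bind address as a parameter, and a check that reports whether a socket is reachable only through the loopback interface. The function names are hypothetical, and port 0 is used so the kernel picks a free port.

```c
#include <arpa/inet.h>
#include <netinet/in.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/socket.h>
#include <unistd.h>

/* Listen on bind_addr:port (port 0: kernel picks one). Returns fd or -1. */
int open_listener(const char *bind_addr, uint16_t port)
{
    struct sockaddr_in sa;
    int on = 1, fd;
    memset(&sa, 0, sizeof sa);
    sa.sin_family = AF_INET;
    sa.sin_port = htons(port);
    if (inet_pton(AF_INET, bind_addr, &sa.sin_addr) != 1)
        return -1;                 /* not an IPv4 literal */
    fd = socket(AF_INET, SOCK_STREAM, 0);
    if (fd < 0)
        return -1;
    setsockopt(fd, SOL_SOCKET, SO_REUSEADDR, &on, sizeof on);
    if (bind(fd, (struct sockaddr *)&sa, sizeof sa) < 0 || listen(fd, 1) < 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* 1: bound inside 127.0.0.0/8, so only local processes can connect.
 * 0: bound elsewhere (0.0.0.0 = every interface). -1: error. */
int listener_is_loopback_only(int fd)
{
    struct sockaddr_in sa;
    socklen_t len = sizeof sa;
    if (getsockname(fd, (struct sockaddr *)&sa, &len) < 0 || sa.sin_family != AF_INET)
        return -1;
    return (ntohl(sa.sin_addr.s_addr) >> 24) == 127;
}

int main(void)
{
    int lo = open_listener("127.0.0.1", 0);  /* the binding proposed in the thread */
    int any = open_listener("0.0.0.0", 0);   /* all interfaces, LAN included */
    printf("127.0.0.1 loopback-only: %d\n", listener_is_loopback_only(lo));
    printf("0.0.0.0   loopback-only: %d\n", listener_is_loopback_only(any));
    close(lo); close(any);
    return 0;
}
```

Unlike a source-address check done after accept(), the loopback binding means the listening socket has no address on any wired interface at all, which is the point made in the quoted reply.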


