Winamp & Shoutcast Forums

veldh205 18th July 2003 23:01

Security with shoutcast stream!
 
I think there could be a security problem if you are streaming with Shoutcast. I have an Alcatel Speedtouch 570 router with firewall, but the port in use by Shoutcast is routed by the NAT (that means that traffic will be permitted). It's very important to use a second firewall so that no other access will be possible. But my question/problem is that I want to be sure that people cannot use this port (8000 / 8001) for any purpose other than listening with Shoutcast. I have been hacked entirely this week. One of my former webmasters has the details of which IP address and port I use for Shoutcast and probably broke in to hack my entire Windows XP system. I'm pretty sure that all other ports are secured by the Alcatel router. I have to explain that at this time I had to close the software firewall for remote administration reasons (Windows Remote Desktop). Down below I will give you some specs about my configuration. Maybe my system can be secured even more?!

Windows XP Pro (Integrated firewall switched off)
Alcatel Speedtouch 570 with NAT

NAT configuration:

Shoutcast NAT: XX.XX.XX.XX:8000
Shoutcast NAT: XX.XX.XX.XX:8001
Remote Desktop Windows NAT: XX.XX.XX.XX:???? (don't know the port number now...)

Those are the only ports that are reachable from outside.

In addition, Tiny Personal Firewall (latest version) and McAfee Anti Virus (updated).

I use DHCP on my router and my network card as well.

Is this secure enough, or is it possible that I will lose my system again to a hacker?

What more can I do about it?

Does anybody have experience with this?

FesterHead 19th July 2003 02:37

Only open/forward services you know how to operate and understand.

When in doubt, just say no.

matt2kjones 19th July 2003 12:37

lol everyone thinks routers are made to protect your system, well, unfortunately they aren't

u need to set up a firewall, a secure one, to do this find out what ports your system uses when connecting to the net

some of the default ports are:

DNS (to resolve domains to ips) 53 UDP connection
http (to allow your system to connect to web servers) 80 tcp connection
pop3 (to send mail) 110 tcp
smtp (to receive mail) 25 tcp

once u know all the port numbers of all the software which connects from your system to the net, then open just those ports for OUTGOING connections

now, that's outgoing connections fixed up, now u need to sort incoming connections.

If you run a web server, open port 80 tcp
if you run shoutcast, open port 8000, 8001 (if those are the default ports)

note, if u know anything about firewalls then u will know that there are different rules for traffic originating from ur pc to the net, and different rules from the net to ur pc.

you should use a firewalling system which has separate rules for incoming and outgoing connections.

a connection originating from the net, i.e. connecting to ur pc, from a remote pc, to listen to your station, is an incoming connection, even though the traffic is outgoing.

a connection originating from ur pc, i.e. ur pc connecting to a webserver on the internet, is an outgoing connection.

if u have no idea on firewalls then why broadcast LOL

don't use JUST a router to "protect" ur system, cos it won't, routers are designed to forward certain packets to certain machines.

veldh205 22nd July 2003 05:17

Security question
 
Which firewall software will be most effective and secure? In the Netherlands they all say: ZoneAlarm 3 Pro, and I use two firewalls, first of all the free Tiny Personal Firewall and second ZoneAlarm 3 Pro. But there are several others like Norton Internet Security, which I think might be an even better one than ZoneAlarm. But it all depends on how you configure it. I use Shoutcast on the known ports... and use HTTP, POP3, ICQ (not the file transfer part) and FTP; I think that I have to configure more in the software firewalls. At least there's one good thing: since I use both firewalls I can't ping myself from another computer (location), and there was one hacker who couldn't get through the system; he reported the system as 'stealth' (all ports seem to be closed, but I know how insecure MS stuff can be...).

FesterHead 22nd July 2003 05:33

Are you Windude in disguise?

matt2kjones 22nd July 2003 14:01

well, most firewalls are secure as long as they allow you to open and close ports that u choose.

port numbers are as follows:

POP3: 110 (tcp connection)
SMTP: 25 (tcp connection)
DNS: 53 (udp connection)
HTTP: 80 (tcp connection)
IRC: 6667 - 6669 (tcp connection)

if u need to know more, run netstat then try to run the software which uses the port u need to find out

it will then tell u the port it's trying to use and u can then open it

veldh205 24th July 2003 06:06

Security Shoutcast unsafe
 
I had a hacker in my system. I use ADSL with an Alcatel router and need to open port 8000 in the router. But the problem is that firewalls like ZoneAlarm and Tiny Personal Firewall just allow users to get on this port, and that is understandable but unsafe. I want to know which steps I could take to be more secure against such a hacker who knows my fixed IP address and port number. Maybe Shoutcast needs to change and review the security in the server tool?

Maybe you have the same problem, and maybe you have an idea how to obtain a firewall or solution that will fix this!?

FesterHead 24th July 2003 06:49

It's easy:
No open/forwarded port(s), no SHOUTcast stream.

If all you have opened and forwarded is portBase and have the DNAS running (or if it's not running then you'll need no other services associated with portBase), then you're safe.

If you have other ports opened/forwarded and running services, then that could be the source of the problem. The latest DNAS has no known vulnerabilities.

Even then, the older DNASs' vulnerabilities could only crash the DNAS, not compromise your system.

This isn't a SHOUTcast issue.
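
The netstat suggestion and the point about other forwarded ports with running services, combined as an added example (not code from the thread or from Nullsoft): it parses `netstat -an` output and flags listeners that the router forwards but that are not the intended Shoutcast ports. The sample output, the 3389 Remote Desktop port (the Windows default, assumed because the thread does not give the one in use) and all function names are assumptions.

```python
# Constructed sample of Windows `netstat -an` output (not from the thread).
# 3389 is the Remote Desktop default, assumed; the thread gives no RDP port.
SAMPLE_NETSTAT = """\
  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:3389           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8000           0.0.0.0:0              LISTENING
  TCP    0.0.0.0:8001           0.0.0.0:0              LISTENING
  TCP    127.0.0.1:1029         0.0.0.0:0              LISTENING
  TCP    192.168.1.10:8000      203.0.113.7:51422      ESTABLISHED
  TCP    192.168.1.10:1044      198.51.100.20:80       ESTABLISHED
  UDP    0.0.0.0:445            *:*
  UDP    192.168.1.10:137       *:*
"""

LOOPBACK = {"127.0.0.1", "::1", "[::1]"}
FORWARDED = {("TCP", 8000), ("TCP", 8001), ("TCP", 3389)}  # router NAT entries
INTENDED = {("TCP", 8000), ("TCP", 8001)}                  # Shoutcast only

def parse_listeners(text):
    """Return a set of (proto, address, port) for sockets accepting traffic."""
    listeners = set()
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 3 or fields[0] not in ("TCP", "UDP"):
            continue
        proto, local = fields[0], fields[1]
        # TCP rows carry a state column; UDP rows have none and are always open.
        if proto == "TCP" and (len(fields) < 4 or fields[3] != "LISTENING"):
            continue
        addr, _, port = local.rpartition(":")
        if port.isdigit():
            listeners.add((proto, addr, int(port)))
    return listeners

def audit(text, forwarded=FORWARDED, intended=INTENDED):
    """Sort listeners by whether the router forwards them and whether that is intended."""
    report = {"forwarded_intended": [], "forwarded_unintended": [], "lan_only": []}
    for proto, addr, port in sorted(parse_listeners(text)):
        if addr in LOOPBACK:
            continue  # bound to loopback: not reachable from another machine
        key = (proto, port)
        if key in forwarded:
            bucket = "forwarded_intended" if key in intended else "forwarded_unintended"
        else:
            bucket = "lan_only"
        report[bucket].append(key)
    return report
```

Calling `audit(SAMPLE_NETSTAT)` puts 8000 and 8001 under `forwarded_intended` and 3389 under `forwarded_unintended`; the `lan_only` entries are reachable only from behind the router as long as its NAT table matches `FORWARDED`.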

veldh205 24th July 2003 08:06

So no streaming is possible with Shoutcast!?
 
So if you consider closing the port you can't shoutcast, or is there still a possibility? Maybe you can explain it a little more clearly?

Jay 24th July 2003 10:11

you security nuts are funny :)

veldh205 24th July 2003 11:26

What do you mean
 
What do you mean by the last post? My mother tongue is Dutch and I don't understand the meaning of your writing.

"you security nuts are funny"

I don't know what it means....


All times are GMT.