Winamp & Shoutcast Forums - View Single Post

LordBinky · 26th January 2004, 06:03

I am curious . . .

How secure is that script? All it seems to do is hide the stations port(s). Kind of a 'security through obscurity' method. It seems to me if a user really wanted to listen to a station that uses the script, all they would have to do to bypass it is run a port scan on the web site's IPs to find the one that is streaming, then either use 'www.IPofsite.com

ort/listen.pls' or open Windows Media Player and use 'www.IPsite.com

ort.'

Am I wrong in this summary?

Could someone send me some clear instructions on how to use this script so that I might find out (or direct me to a link)? I found the instructions on www.spacialaudio.com but that does not seem to be enough. I also searched on this forum and all I can find is other peoples problems without any solutions. My problem is that I get an "error syncing to mpeg". I checked that I was using the correct database names and passwords. Is the listen.pls supposed to be in a specific directory, like the shoutcast directory? Currently, I have it in my web directory near the authentication script.

26th January 2004, 06:03	#18
LordBinky Junior Member Join Date: Jan 2004 Posts: 3	I am curious . . . How secure is that script? All it seems to do is hide the stations port(s). Kind of a 'security through obscurity' method. It seems to me if a user really wanted to listen to a station that uses the script, all they would have to do to bypass it is run a port scan on the web site's IPs to find the one that is streaming, then either use 'www.IPofsite.comort/listen.pls' or open Windows Media Player and use 'www.IPsite.comort.' Am I wrong in this summary? Could someone send me some clear instructions on how to use this script so that I might find out (or direct me to a link)? I found the instructions on www.spacialaudio.com but that does not seem to be enough. I also searched on this forum and all I can find is other peoples problems without any solutions. My problem is that I get an "error syncing to mpeg". I checked that I was using the correct database names and passwords. Is the listen.pls supposed to be in a specific directory, like the shoutcast directory? Currently, I have it in my web directory near the authentication script.