[119873] in North American Network Operators' Group
Re: Flash Media Servers as Open Proxies
daemon@ATHENA.MIT.EDU (Charles Wyble)
Thu Dec 3 13:00:34 2009
From: Charles Wyble <charles@thewybles.com>
In-Reply-To: <F7D4B38C-F385-439D-955A-98CBBD87ACD9@americafree.tv>
Date: Thu, 3 Dec 2009 09:59:20 -0800
Cc: NANOG list <nanog@nanog.org>
Errors-To: nanog-bounces+nanog.discuss=bloom-picayune.mit.edu@nanog.org
Hmmmm..
This is most interesting. Have you spoken with Adobe about the issue? I =
don't have an immediate handle on how they have reacted to security =
issues in the past.=20
Sane defaults would be nice. :(=20
You might want to ping Akami as they have substantial operational =
experience with flash media server.=20
I look forward to a writeup on the topic.=20
On Dec 3, 2009, at 9:45 AM, Marshall Eubanks wrote:
> I recently found out that the Adobe Flash Media Server (FMS) can =
operate "out of the box"
> as an open proxy, enabling other people to steal server resources and =
bandwidth. Furthermore,
> I also found that there is an ecosystem of pirates taking advantage of =
this "feature" to
> illegally stream sports events (and maybe other stuff as well). Each =
event uses multiple (stolen)
> servers and can amount to thousands of streams and Gbps of consumed =
bandwidth.
>=20
> I believe but am not 100% sure that there are similar problems with =
Window Media Servers.
>=20
> I would like to hear (off-list) from people who have experience =
fighting this so that we could
> maybe pool techniques. I will try to write this up further later.
>=20
> Regards
> Marshall Eubanks
>=20
