Any tips on installing SHOUTcast on the Airtime Server
  • The ball is always changing with shoutcast and I always seems to playing football but are given golf balls as a Linux User.ie doing big things with different and small balls(it should be simple "Ain't it"?

    So these are my guides for installation and setup

    I follow these tutorial

    For installation I used this 

    http://blog.gaiterjones.com/installing-shoutcast-for-ubuntu/

    • You will need to run shoutcast as separate user  for security sake
    • You need to  setup a startup script

    For Configuration I use this

    http://wiki.gentoo.org/wiki/SHOUTcast/Installation

    What are your thoughts?

    Good Luck
    VOISSES

    Anyone reading this a find it funny about my grammar , I make no apology ,Go get a translator.
    "The Problem with education today is that it takes a university degree to switch on a light bulb"
    "You learn from your mistakes but wise people learn from others mistakes avoid Making mistakes there is not sufficient rooms to make them"
    "Innuendo","If's","Assumptions" and "Fear" are for politician.Who,What,where,When and How are for those seeking knowledge and care about Humanity.
    "I might be in Mud but that does not Make me a Wild Hog(pig)"
    “Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius — and a lot of courage to move in the opposite direction.”
    "The only thing that remains constant is change itself"
    May the force be with you,until our path or destiny bring us in tandem.
  • 9 Comments sorted by
  • tip: always use a different shoutcast installation for each stream that you are using, so that you can update them independently. Also use different user for each instance.

    Schelstraete Bart - http://www.contact-dance.com
    image
  • Running a public Shoutcast (or Icecast) server on the same instance as your private Airtime production server is never a good idea. Separating the two is absolutely critical for anyone interested in real security.
  • Running a public Shoutcast (or Icecast) server on the same instance as your private Airtime production server is never a good idea. Separating the two is absolutely critical for anyone interested in real security.



    Can you provide more documentation on this?
  • Just common sense, really.

    Airtime's automated installer includes Icecast for use on the same machine simply as a matter of getting a demo system up and running quickly with as little friction as possible. Sometimes it's actually useful for testing situations.

    However, in the real world, you definitely don't want the IP address of your honeypot loaded with valuable assets to just hang out in public... potentially syndicated by YPs and various random aggregators. Intentionally separating the two allows you to keep your Airtime production IP number private, known only to you and your team. That's infinitely better than any firewall.

    Ya follow? :)>-
  • @Roger Wilco say:
    However, in the real world, you definitely don't want the IP address of your honeypot loaded with valuable assets to just hang out in public... potentially syndicated by YPs and various random aggregators.
     
    Honeypots are never a good idea unless you know exactly what you are doing.as the name suggests,you are bring in all the bees,scripties and amateur who are looking to test there skills.
    One way to use honeypots if you should then host it remotely and then have excess traffic directed to there.
    But no need for that,just set up a relay for your server and when one is full the person is redirected somewhere else.
    Or setup a proxy like pound so that say all your windows users are directed to one server and others are redirected to other servers or ports. for instance you could have multiple ports (not a wise idea) on the Iceecast servers  or multiple mount points

    Put it this way you cannot hide an IP from hackers.Remember,true hackers use scanners,its just like a radio scanners,where the parameters (station) are there it will just lock on and the music plays.
    Also there are various ways to hack and these target various layers of the OSI Model.

    But why do you want to keep the production server for .

    Unscrupulous and unwanted traffics should be reduce as much as possible.setting up a separate icecast server is the best solution.Just as I always say you want to delegate as much as possible So set up your webserv,seperate from your airtime serve,from your proxy server ,your database server ,your dns server etc.provides a better audit and troubleshoot when something wrong.
    Simple you could put a backup file mount on the seperate Icecast server so that when you restart your airtime  you do not lose your listeners.

    @Roger Wilco  further said:
    Intentionally separating the two allows you to keep your Airtime production IP number private, known only to you and your team. That's infinitely better than any firewall.

    What? That's crazy talk,Half-Fast talk.

    Your firewall is the first line of defense it encompass the first 3 layers of the OSI Model.Its like a fence,a wall etc.You cannot hide in open house.
    The firewall carries the DMZ,The local network,the wifi network,all other types of hybrid network. and determine your packet filters.
    So you can run all your database locally,and all your php remotely to obtain necessary information,not exposing the database entirely.(barring injections etc.)
    You can put your Airtime on one branch and your other server on other branch and only access the services necessary on the other server.

    The Airtime server Applications and most applications operate at the presentation layer,(layer 6) and attack here is trivial to the fact that you need the others layers.
    So if your firewall say only port 80 in ,then launching an attack on an application need to be transported (layer 7) and the network layers.
    You need the firewall to limit these attack,so if the Softare is exposed without the firewall ,"DOG HAS JUST ATE YOUR Supper"

    Become Familiar with OSI- MODEL and network security for New Year
    \
    VOISSES
    Anyone reading this a find it funny about my grammar , I make no apology ,Go get a translator.
    "The Problem with education today is that it takes a university degree to switch on a light bulb"
    "You learn from your mistakes but wise people learn from others mistakes avoid Making mistakes there is not sufficient rooms to make them"
    "Innuendo","If's","Assumptions" and "Fear" are for politician.Who,What,where,When and How are for those seeking knowledge and care about Humanity.
    "I might be in Mud but that does not Make me a Wild Hog(pig)"
    “Any intelligent fool can make things bigger, more complex, and more violent. It takes a touch of genius — and a lot of courage to move in the opposite direction.”
    "The only thing that remains constant is change itself"
    May the force be with you,until our path or destiny bring us in tandem.
  • Turning ping response off helps against scanners..
    No longer using Airtime or Libretime.
  • All good advice, but we are a nonprofit station and can't afford having 2 servers, so our website, Shoutcast, and Airtime are all being hosted on the same server. Maybe when we win the lottery we'll separate stuff out.
  • Well, I do that Bob, without problems - except I had to move the admin port to 8080. No problems at all in 18 months, Just set your firewall up properly.
    No longer using Airtime or Libretime.
  • Oh pishaw... check out Digital Ocean