Centova Technologies Forum
Centova Cast v2 => Technical discussion => Topic started by: skipper on November 16, 2012, 01:05:50 pm
-
Hello everyone. I'm hoping someone can help me with this...
I have had this problem for a while now...Centova Cast tells me I must be doing this to myself (not likely)...I keep having my own IP address BANNED (so can't log in to listen or enter the CC admin panel) and then must get help to UNban my addy...the problem is, my IP address isn't even showing in the LISTENERS section of the Admin Panel, so how the h*** can my own IP get banned???. I'm not banning myself!
Does anyone know what-the-heck is going on here???.
Many thanks for any assistance,
Skipper
-
Well, nice to see these forums offer so much help. NOT :(
-
you posted something which is 4hrs outside of Centova's normal working hours and was late on a friday night based on the posting time as strangely enough people do like to have weekend's away from doing work and answering questions on a forum that they do out of their own will and time. have a bit of patience and someone who maybe able to help will reply.
-daz
-
Sorry..didn't realize that...no need to get all bent ::)
-
hello,
We never said that you were banning yourself. We said that someone must be loggin in as admin and banning your ip. And that's why we recommended changing the admin password.
Also I've noticed that you had a lot (over 700) of banned ips, so it's possible that you have some third party tool doing this? if so, that's most likely the cause.
-
Roger:
Well HCM said that YOU said I must be doing my own IP banning...doesn't matter, because I haven't been...and NO one is logging in with my log-in details because I'm the only one with access to the p/w and user name...
All the IP's banned are done by me and I know there are a ton of them. They're all German IP's. I do that because they are on there mostly to rip my stream, so I ban all German listeners. There's no third-party tool doing the banning I assure you. So I doubt that's it Roger. I still say it's a glitch within CC causing it. Nothing else suggested has worked, and it's not a "tool" doing it...???
Thanks for the input however. I appreciate it.
ps: I should mention this has happened several times when I'm not even logged in listening. So my IP isn't showing anywhere)
-
Well I guess no one knows more beyond what's said already.
Thanks for the input.
-
The ban feature is internal to Shoutcast DNAS and has nothing to do with Centova Cast. Under no circumstances can Centova Cast ban any IP on it's own, and the only way the ban feature is accessible is by using Shoutcast's admin interface (so you can't ban an IP using Centova Cast even if you wanted to)
I've also never heard of Shoutcast banning IPs by itself so it's probably more likely that someone else managed to get their hands on your admin password and is now doing this to annoy you.
-
I seriously doubt anyone got my SC username and p/w, seeing I'm the only one who knows it. I don't even know HOW they even could...I have 2 stations and 2 usernames & p/w's and this has happened to both a few times. CC has an "admin panel" but I guess that's the SC you refer to. Odd how no one mentioned what you say before, but yeah it's for the SC DNAS....
It sure is odd make no mistake. By the way, the p/w change on one of the stations did nothing as it happened within 2 days of that change, which was 2 wks ago. Very strange indeed.
Guess I'll just have to see what happens. Thanks for your reply.
ps: Even IF someone gained by password, how would they know my IP address???
Oh well, just have to wait & see...thanks again :(
-
I seriously doubt anyone got my SC username and p/w, seeing I'm the only one who knows it. I don't even know HOW they even could...
It's fairly easy for anyone that know your server IP to scan incoming trafic and get hold of your password, mostly because communications between shoutcast and your PC are not encrypted. Also the shoutcast server itself could have been hacked. Although is rare, I've seen it happen a couple of times specially on stations that have been running for a long time without restarting shoutcast.
I have 2 stations and 2 usernames & p/w's and this has happened to both a few times. CC has an "admin panel" but I guess that's the SC you refer to. Odd how no one mentioned what you say before, but yeah it's for the SC DNAS....
I'm not sure what you mean, I've mentioned before that this was been done via the DNAS page and not Centova Cast.
It sure is odd make no mistake. By the way, the p/w change on one of the stations did nothing as it happened within 2 days of that change, which was 2 wks ago. Very strange indeed.
Guess I'll just have to see what happens. Thanks for your reply.
Also not sure what you mean, you probably forgot to restart the server after changing the password.
ps: Even IF someone gained by password, how would they know my IP address???
Oh well, just have to wait & see...thanks again :(
They will have to know your IP first before getting hold of your password. It's also far easyer.
-
Thanks Roger. One thing I was told; it's only ME with the problem..
Odd how no one would "hack" anyone else's credentials.
If what you say is true, re: easy to get the p/w...seems rather
dumb SC would allow something like this to even be possible.
Look how many of us there are. Food for thought I suppose...
One time, a few weeks ago, my IP was banned and I wasn't even listening in
so my IP wasn't showing in the SC DNAS. Then when they UNbanned me,
the server would always do a restart. Unusual.
Oh well...thanks again! :D
-
if i'd realised you were referring to the in-DNAS banning option and not something as part of Centova then i'd have replied instead of telling you to wait (as the wording never implied it's the DNAS's pages - though from what you've posted it seems there's confusion on what is and isn't part of the control panel and what's the DNAS itself).
not knowing what version of the DNAS you're using (though it's unlikely to make much difference if it's been compromised), what Roger has said is true in that it's relatively easy to get passwords if the network traffic can be intercepted.
it's also possible depending on the setup for someone with details to connect as a source connections to then be able to get to the admin pages and then would be able to do what is being described - so it could have been done by someone with access given to them for connecting as a source. that scenario is limited to the v1 DNAS - i don't believe it should be possible with a v2 DNAS and this whole issue is why things were changed for the v2 DNAS to force separate passwords for source connections vs admin pages (even if it's annoyed people because they didn't have to do it for the v1 DNAS - but cases like this are exactly the reason why i made those changes).
i can't remember if it's in the public build of the v2 DNAS or it's just from the internal builds (too late for me to trawl through changelogs) is handling was changed so as long as you connect from the same machine on a localhost type address then the v2 DNAS would still allow you to connect and login to it even if you've been banned on whatever IP address has been banned.
as for the point raised about details not being encrypted, it's something i need to look into changing for the v2 DNAS (probably sooner rather than later) as i've seen a few requests for https access on the admin pages which could help to protect things but if the DNAS has been compromised on the server-side already then that wouldn't help out.
-daz
-
WOW thanks for such a FULL explanation DrO. I must admit, I'm not that tech savoy and don't fully understand or comprehend on what you mention in your post ???, but maybe my friend close by can help me better digest what you've told me. I really appreciate the detailed reply.
It sorta puts me uneasy to know this can be done so easily by anyone. I get a truck-load of German listeners who ALL use the exact same player (Winamp) and the exact same version. That in itself makes me wonder about how legit these so-called listeners really are. And most rippers I see are always from Germany. It makes me wonder...???? :-\
Thanks again! and sorry for the confusion with CC and SC. I forgot to mention it was in the DNAS screen of banned listeners. :-[
-
not to worry.
basically if you're using a v1 DNAS then due to it's age and it no longer being actively developed means if there is an issue where people can get into it without your knowledge or easily then there's little which will be done to fix it now. as such that's one of the points of the v2 DNAS to resolve things like that (though more secure connections to the DNAS are going to take a while to get added if i can convince that it's good for us to do it - which i believe it is).
does seem strange if you're seeing the same Winamp user-agent for all of the connections. i'd at least expect some variation but not for them all to be the same based on what i've seen from some DNAS i look after.
-daz
-
The version I see now with SC DNAS is 1.98 Linux....
Question...
Where it says VIEW CURRENT LISTENERS on the CC panel, are the listeners that are showing compiled by CC or SC?. Today I often see German listeners, all using Winamp 5.50 and all showing the exact same time listening. Something MUST be wrong with this.... ???
-
The IP and player the listener is using are taken from Shoutcast's logs
I'm going to make an educated guess and say that the listening time is taken from Shoutcast's "Listeners" tab (that's under the admin login from the DNAS page); so you should be able to see the same "Connect Time" under that section
-
Thanks AlexiuB. That much I was pretty sure about. It had to be SC logs.
It's very strange that often I will see maybe 5,6 or more German listeners
all connected by Winamp 5.50 AND all at the exact same time, therefore showing
the exact same listening time. Now that's not normal :o
-
And my IP has been BANNED yet again just now.
This is a REAL ongoing problem....
Somewhere there must be an explanation for this BS. >:(
-
Hello again skipper,
Have you gone through the station logs? I'm pretty sure that if someone is login using the admin, it should've been logged somewhere.
-
Hey thanks...I'll have a look Roger ;D
-
I found one entry tonight with MY IP address in the logs...
"kicked and banned with mask 255"
What would that mean?. Anyone?
-
Hey staff
my port 8002 shoutcast server has been going to unable to connect errors for me as well
so does that mean someone might be banning my ip address on my shoutcast server as well
thanks
-
I found one entry tonight with MY IP address in the logs...
"kicked and banned with mask 255"
What would that mean?. Anyone?
Ok this isn't anything I should worry about. It shows each time I ban an IP. ::)
-
Yes I tried changing the p/w a few times but without any success.
It hasn't happened in a few weeks now, so ... :-\
Thanks for the reply.. :)
-
The VERY most strange thing about all this is that sometimes (more than once) it's happened and I wasn't even logged ON the station as an ordinary listener. Which means I didn't BAN myself by accident and NO ONE else but me has the log-on password..???
Go figure.... ???
-
Oops, sorry Ricky...I deleted my latest POST by mistake...LOL..
I was commenting on how SO MANY connections are from Germany with only Winamp 5.0 connections. I don't believe they're legit connections because after I "kick" them they NEVER reconnect, ever. Yes some players don't automatically reconnect, so this tells me NO ONE is actually sitting there trying to reconnect.
-
Does anyone know HOW to contact Shoutcast???
-
Yeah, thanks Ricky :(
I know this today, when this happens I also cannot LISTEN in through Shoutcast, but all other stations
I can...Hmmmm
What about using Icecast vs Shoutcast??
-
Well I just now found this out:
My own IP was banned in the ShoutCast DNAS. I just did a server RESTART and now my IP is NOT banned any longer. All is well again. Can anyone make any sense of this??
-
Well I just now found this out:
My own IP was banned in the ShoutCast DNAS. I just did a server RESTART and now my IP is NOT banned any longer. All is well again. Can anyone make any sense of this??
It means your IP is not in the ban list permanently, that's why is no longer banned after restart.
Most likely your DNAS it's been hacked, I have seen DNAS been hacked to show custom messages, and even redirect to other sites. I would not be surprised if it could be hacked this way too.
All of this cases are restored after a simple restart, which means the hack can only affect the running process memory.
Try switching to ICecast, or Shoutcast 2.0.
-
Thanks very much Roger! :D
-
Does anyone know HOW to contact Shoutcast???
via the SHOUTcast forums (as you've already done) or by getting a response from a developer (me). and as i said previously a month or 2 back, if it is a v1 DNAS specific issue then the only solution is to use the v2 DNAS as there will not be any updates for the v1 DNAS.
-daz
-
Thanks again DrO. That is what I thought.