Hello everyone. I'm hoping someone can help me with this...

I have had this problem for a while now...Centova Cast tells me I must be doing this to myself (not likely)...I keep having my own IP address BANNED (so can't log in to listen or enter the CC admin panel) and then must get help to UNban my addy...the problem is, my IP address isn't even showing in the LISTENERS section of the Admin Panel, so how the h*** can my own IP get banned???. I'm not banning myself!

Does anyone know what-the-heck is going on here???.

Many thanks for any assistance,
Skipper

Well, nice to see these forums offer so much help. NOT 

you posted something which is 4hrs outside of Centova's normal working hours and was late on a friday night based on the posting time as strangely enough people do like to have weekend's away from doing work and answering questions on a forum that they do out of their own will and time. have a bit of patience and someone who maybe able to help will reply.

-daz

Sorry..didn't realize that...no need to get all bent 

hello,

We never said that you were banning yourself. We said that someone must be loggin in as admin and banning your ip. And that's why we recommended changing the admin password.

Also I've noticed that you had a lot (over 700) of banned ips, so it's possible that you have some third party tool doing this? if so, that's most likely the cause.

Roger:

Well HCM said that YOU said I must be doing my own IP banning...doesn't matter, because I haven't been...and NO one is logging in with my log-in details because I'm the only one with access to the p/w and user name...

All the IP's banned are done by me and I know there are a ton of them. They're all German IP's. I do that because they are on there mostly to rip my stream, so I ban all German listeners. There's no third-party tool doing the banning I assure you. So I doubt that's it Roger. I still say it's a glitch within CC causing it. Nothing else suggested has worked, and it's not a "tool" doing it...

Thanks for the input however. I appreciate it.

ps: I should mention this has happened several times when I'm not even logged in listening. So my IP isn't showing anywhere)

Well I guess no one knows more beyond what's said already.
Thanks for the input.

The ban feature is internal to Shoutcast DNAS and has nothing to do with Centova Cast. Under no circumstances can Centova Cast ban any IP on it's own, and the only way the ban feature is accessible is by using Shoutcast's admin interface (so you can't ban an IP using Centova Cast even if you wanted to)

I've also never heard of Shoutcast banning IPs by itself so it's probably more likely that someone else managed to get their hands on your admin password and is now doing this to annoy you.

I seriously doubt anyone got my SC username and p/w, seeing I'm the only one who knows it.  I don't even know HOW they even could...I have 2 stations and 2 usernames & p/w's and this has happened to both a few times. CC has an "admin panel" but I guess that's the SC you refer to. Odd how no one mentioned what you say before, but yeah it's for the SC DNAS....

It sure is odd make no mistake. By the way, the p/w change on one of the stations did nothing as it happened within 2 days of that change, which was 2 wks ago. Very strange indeed.
Guess I'll just have to see what happens. Thanks for your reply.

ps: Even IF someone gained by password, how would they know my IP address???
Oh well, just have to wait & see...thanks again   

I seriously doubt anyone got my SC username and p/w, seeing I'm the only one who knows it.  I don't even know HOW they even could...

It's fairly easy for anyone that know your server IP to scan incoming trafic and get hold of your password, mostly because communications between shoutcast and your PC are not encrypted. Also the shoutcast server itself could have been hacked. Although is rare, I've seen it happen a couple of times specially on stations that have been running for a long time without restarting shoutcast.

I have 2 stations and 2 usernames & p/w's and this has happened to both a few times. CC has an "admin panel" but I guess that's the SC you refer to. Odd how no one mentioned what you say before, but yeah it's for the SC DNAS....

I'm not sure what you mean, I've mentioned before that this was been done via the DNAS page and not Centova Cast.

It sure is odd make no mistake. By the way, the p/w change on one of the stations did nothing as it happened within 2 days of that change, which was 2 wks ago. Very strange indeed.
Guess I'll just have to see what happens. Thanks for your reply.

Also not sure what you mean, you probably forgot to restart the server after changing the password.

ps: Even IF someone gained by password, how would they know my IP address???
Oh well, just have to wait & see...thanks again   

They will have to know your IP first before getting hold of your password. It's also far easyer.

Thanks Roger. One thing I was told; it's only ME with the problem..
Odd how no one would "hack" anyone else's credentials.

If what you say is true, re: easy to get the p/w...seems rather
dumb SC would allow something like this to even be possible.
Look how many of us there are. Food for thought I suppose...

One time, a few weeks ago, my IP was banned and I wasn't even listening in
so my IP wasn't showing in the SC DNAS. Then when they UNbanned me,
the server would always do a restart. Unusual.

Oh well...thanks again! 

if i'd realised you were referring to the in-DNAS banning option and not something as part of Centova then i'd have replied instead of telling you to wait (as the wording never implied it's the DNAS's pages - though from what you've posted it seems there's confusion on what is and isn't part of the control panel and what's the DNAS itself).

not knowing what version of the DNAS you're using (though it's unlikely to make much difference if it's been compromised), what Roger has said is true in that it's relatively easy to get passwords if the network traffic can be intercepted.

it's also possible depending on the setup for someone with details to connect as a source connections to then be able to get to the admin pages and then would be able to do what is being described - so it could have been done by someone with access given to them for connecting as a source. that scenario is limited to the v1 DNAS - i don't believe it should be possible with a v2 DNAS and this whole issue is why things were changed for the v2 DNAS to force separate passwords for source connections vs admin pages (even if it's annoyed people because they didn't have to do it for the v1 DNAS - but cases like this are exactly the reason why i made those changes).

i can't remember if it's in the public build of the v2 DNAS or it's just from the internal builds (too late for me to trawl through changelogs) is handling was changed so as long as you connect from the same machine on a localhost type address then the v2 DNAS would still allow you to connect and login to it even if you've been banned on whatever IP address has been banned.


as for the point raised about details not being encrypted, it's something i need to look into changing for the v2 DNAS (probably sooner rather than later) as i've seen a few requests for https access on the admin pages which could help to protect things but if the DNAS has been compromised on the server-side already then that wouldn't help out.

-daz

WOW thanks for such a FULL explanation DrO. I must admit, I'm not that tech savoy and don't fully understand or comprehend on what you mention in your post  , but maybe my friend close by can help me better digest what you've told me. I really appreciate the detailed reply.

It sorta puts me uneasy to know this can be done so easily by anyone. I get a truck-load of German listeners who ALL use the exact same player (Winamp) and the exact same version. That in itself makes me wonder about how legit these so-called listeners really are. And most rippers I see are always from Germany. It makes me wonder...?

Thanks again! and sorry for the confusion with CC and SC. I forgot to mention it was in the DNAS screen of banned listeners. 

not to worry.

basically if you're using a v1 DNAS then due to it's age and it no longer being actively developed means if there is an issue where people can get into it without your knowledge or easily then there's little which will be done to fix it now. as such that's one of the points of the v2 DNAS to resolve things like that (though more secure connections to the DNAS are going to take a while to get added if i can convince that it's good for us to do it - which i believe it is).

does seem strange if you're seeing the same Winamp user-agent for all of the connections. i'd at least expect some variation but not for them all to be the same based on what i've seen from some DNAS i look after.

-daz

The version I see now with SC DNAS is 1.98 Linux....

Question...
Where it says VIEW CURRENT LISTENERS on the CC panel, are the listeners that are showing compiled by CC or SC?. Today I often see German listeners, all using Winamp 5.50 and all showing the exact same time listening. Something MUST be wrong with this....