Thank you for your donation!


Cloudsmith graciously provides open-source package management and distribution for our project.


Problem: Hardening your moOde streamer
#5
When a host is directly connected to the Internet its like below. The host obviously has to be secure.

HOST <--> Public Internet

Prolly 99.9% of moOde hosts are not directly connected to the Internet. They are behind a home Router which provides an air gap between the Internet and the hosts behind it, like below.

HOST <--> Router | air gap | <--> Public Internet

The "air gap" performs what is called Network Address Translation (NAT) which maps the Routers public Internet address to the private addresses of the HOSTS behind it. These private addresses are non-routable and so even if it were known that a HOST behind a Router was assigned address 192.168.1.35 no one on the Public Internet could directly address it cos its a non-routable address.

Modern Routers also have Firewalls and other security measures in the "air gap" that protect the Router itself and provide other protections for the HOSTS behind it. 

Given that stock moOde only accesses well known Internet radio stations, moodeaudio.org for updates, Internet time servers and other well known resources,  it would be highly unlikely that any malicious code would be injected from these sites.

-Tim
Enjoy the Music!
moodeaudio.org | Mastodon Feed | GitHub
Reply


Messages In This Thread
Hardening your moOde streamer - by Listener - 06-23-2019, 02:53 PM
RE: Hardening your moOde streamer - by Tim Curtis - 06-23-2019, 06:57 PM
RE: Hardening your moOde streamer - by Listener - 06-24-2019, 12:12 AM
RE: Hardening your moOde streamer - by Tim Curtis - 06-24-2019, 12:59 AM

Forum Jump: