Jump to content


Photo

Tighten Security From Outside Attacks on my VU+ boxes.


  • Please log in to reply
130 replies to this topic

#1 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 27 November 2016 - 21:08

Hi,

 

I hope someone could help me with strengthen up my security for my VU+ Solo SE Version 2.

 

I have setup an Oscam server which serves me in my house for other boxes like an older DM800 and one DM500 a part from my VU+ which I have in my living room.

 

I also set this up for my mother and my two cousins. I do understand that this is somehow an “grey area” but I only have my family in this setup.

 

A couple of days ago, my VU+ stopped working and after a lot of fiddling around I found out that someone has changed my CCcam.cfg to a different address. I looked like this:

 

C:piromery98.zapto.org  12000 hak hak
C:piromery97.zapto.org  12000 hak hak
N:127.0.0.1  19907 localbox lokalip1 01 02 03 04 05 06 07 08 09 10 11 12 13 14
N:127.0.0.1  19908 localbox lokalip1 01 02 03 04 05 06 07 08 09 10 11 12 13 14
N:127.0.0.1  19909 localbox lokalip1 01 02 03 04 05 06 07 08 09 10 11 12 13 14

 

Well it’s obvious that somebody gained access to my box but I don’t understand how.

I have set a long and hard password to my box.

 

I do understand that it’s a security risk to have port forwarding in my router.
I have port forwarded telnet, ftp, http and the port for streaming services, 8001, to my box.
I need it since I’m streaming to my Android phone. I have set the streaming authorization on both in OpenWEbIf and the setup menu, so the streaming needs a user name and password. How could I tighten my security without losing my port forwarding?

 

Also, I have discovered that I started to have duplicate users of my cousin’s name in my Oscam. O checked the IP addresses and they mostly come from Turkey, Germany and Spain. I’m banning the IP addresses directly in my Ubuntu, but still another IP address pops up in my Oscam several times a week. I’ve gone as far as banning whole Block range of IP Addresses that comes from these countries and it has somehow lessened a little, but still pops up.

 

I’d appreciate any tips on how I could tighten my security. :wacko:

 

 



Re: Tighten Security From Outside Attacks on my VU+ boxes. #2 mimisiku

  • Senior Member
  • 5,519 posts

+115
Excellent

Posted 27 November 2016 - 21:24

Very simple! wAN sharing is illegal and is simply not suppirted here. Statements like 'only family/friends' is banned by law.
Met één been in het graf..... Helaas

Re: Tighten Security From Outside Attacks on my VU+ boxes. #3 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 27 November 2016 - 21:56

Sorry for being honest. I could only have written "within my house", like anyone else.

Just looking for tighten my security.



Re: Tighten Security From Outside Attacks on my VU+ boxes. #4 WanWizard

  • PLi® Core member
  • 70,842 posts

+1,832
Excellent

Posted 27 November 2016 - 22:41

It's all very simple:

 

Do not expose your box onto the internet. Never! It is not a security device, it is not designed to be, it is not hardened.


Currently in use: VU+ Duo 4K (2xFBC S2), VU+ Solo 4K (1xFBC S2), uClan Usytm 4K Ultimate (S2+T2), Octagon SF8008 (S2+T2), Zgemma H9.2H (S2+T2)

Due to my bad health, I will not be very active at times and may be slow to respond. I will not read the forum or PM on a regular basis.

Many answers to your question can be found in our new and improved wiki.


Re: Tighten Security From Outside Attacks on my VU+ boxes. #5 littlesat

  • PLi® Core member
  • 57,431 posts

+708
Excellent

Posted 27 November 2016 - 23:16

Telnet ftp and streaming port open... That is like let the frontdoor of your house wide open...

WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W


Re: Tighten Security From Outside Attacks on my VU+ boxes. #6 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 28 November 2016 - 01:30

Thanks for honest answers. I could live without the telnet and ftp ports. But how about the streaming port.

If I use the Streaming Authentication On, just stream with password. Would that be a threat as well?



Re: Tighten Security From Outside Attacks on my VU+ boxes. #7 betacentauri

  • PLi® Core member
  • 7,185 posts

+323
Excellent

Posted 28 November 2016 - 09:04

Read WanWizards post again. Yes, every open port is dangerous.
Xtrend ET-9200, ET-8000, ET-10000, OpenPliPC on Ubuntu 12.04

Re: Tighten Security From Outside Attacks on my VU+ boxes. #8 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 28 November 2016 - 12:36

Read WanWizards post again. Yes, every open port is dangerous.

LOL, what a great helper we have found here.



Re: Tighten Security From Outside Attacks on my VU+ boxes. #9 betacentauri

  • PLi® Core member
  • 7,185 posts

+323
Excellent

Posted 28 November 2016 - 12:46

I just answered your question ;)

My last advice here: Use VPN!


Xtrend ET-9200, ET-8000, ET-10000, OpenPliPC on Ubuntu 12.04

Re: Tighten Security From Outside Attacks on my VU+ boxes. #10 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 28 November 2016 - 13:58

@betacentauri, I was just ironic. Of course I appreciate every answer I get, even youts! I have turned off both ftp and telnet in my router now and at my moms.

The only thing that bogs me is that I have a small country house two hours outside my town here in Sweden and we got fiber installed there a couple of months ago and I just bought my Vu+ at the same time and I'm able to stream even HD channels without a glitch from my Vu+ from to my house.

 

So the only thing that exists is to secure my stream. Where do I start? I understand you mentioned VPN, but being a total noob I don't know where to start. It took me over 3 months and a lot of questions to get my Oscam to work, so that's my understanding of things :)

 

So about this VPN. I take for granted you mean OpenVPN, I have read through some posts in this forum. But don't get the hang of it.

Should the VPN server be installed in my computer, router (if it's possible) or in the box? I.E Where should my client resp. server be installed.

 

Again, thanks for your answers so far, I really do appreciate taking your time!



Re: Tighten Security From Outside Attacks on my VU+ boxes. #11 MiLo

  • PLi® Core member
  • 14,055 posts

+298
Excellent

Posted 28 November 2016 - 19:17

SSH may be simpler if you aren't exchanging large files. And it doesn't involve as much setup.

http://www.milosoftw...p?body=dropbear

You can use this also to setup connections between boxes and tunnel any traffic over it securely.
Real musicians never die - they just decompose

Re: Tighten Security From Outside Attacks on my VU+ boxes. #12 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 29 November 2016 - 12:33

Thanks, so I could stream through SSH then?



Re: Tighten Security From Outside Attacks on my VU+ boxes. #13 Huevos

  • PLi® Contributor
  • 4,760 posts

+167
Excellent

Posted 29 November 2016 - 13:29

There are only 3 ways to protect you receiver from attack from outside your LAN: VPN, VPN, & VPN.



Re: Tighten Security From Outside Attacks on my VU+ boxes. #14 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 29 November 2016 - 15:34

@Huevos could you elaborate? How, When, Where?  so far @MiLo have provided som juicy information. 

Is it secure? I'm asking since I'm eager to learn and keep the prying idiots away and just use other peoples vulnerabilities.



Re: Tighten Security From Outside Attacks on my VU+ boxes. #15 dAF2000

  • PLi® Ex-Leden
  • 14,151 posts

+52
Good

Posted 29 November 2016 - 15:45

SSH is as secure as VPN. And indeed, VPN is quite difficult to set up. I never tried streaming through an SSH tunnel so I can't tell you if that works.


Many answers to your question can be found in our wiki: http://openpli.org/wiki

Re: Tighten Security From Outside Attacks on my VU+ boxes. #16 littlesat

  • PLi® Core member
  • 57,431 posts

+708
Excellent

Posted 29 November 2016 - 16:28

 I never tried streaming through an SSH tunnel so I can't tell you if that works.

->
Yep that works... but undoable with an iPad or iPhone since iOS >=7 does 'abort' the tunnel after 5 minutes....

WaveFrontier 28.2E | 23.5E | 19.2E | 16E | 13E | 10/9E | 7E | 5E | 1W | 4/5W | 15W


Re: Tighten Security From Outside Attacks on my VU+ boxes. #17 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 29 November 2016 - 16:43

Some great answers! So iPad is out of the question then?

Wife will be not so happy :(



Re: Tighten Security From Outside Attacks on my VU+ boxes. #18 dAF2000

  • PLi® Ex-Leden
  • 14,151 posts

+52
Good

Posted 29 November 2016 - 16:46

Some great answers! So iPad is out of the question then?

Wife will be not so happy :(

 

As long as your wife lives in the same house there's nothing wrong :) Internally you use streaming etc. just like now without VPN or SSH. That's only for outside connections.


Many answers to your question can be found in our wiki: http://openpli.org/wiki

Re: Tighten Security From Outside Attacks on my VU+ boxes. #19 kermith

  • Senior Member
  • 182 posts

+2
Neutral

Posted 29 November 2016 - 16:51

Thanks, but we're in our country house and she needs to stream from my home, from the Vu+. Otherwise she would need to always see football or icehockey with me :)

 

We have WiFi in the country house with just installed fiber,


Edited by kermith, 29 November 2016 - 16:51.


Re: Tighten Security From Outside Attacks on my VU+ boxes. #20 SpaceRat

  • Senior Member
  • 1,030 posts

+65
Good

Posted 29 November 2016 - 17:18

Some routers, especially the AVM Fritz!Box, allow a very quick and easy setup for VPN (Site-2-Site and Road Warriors).
That VPN uses IPSec.
I recommend its use for any beginner who has such a box (and has IPv4 or Dual Stack, as AVM hasn't managed to upgrade their IPSec to IPv6-compatibility yet).


Some other routers do have built-in VPN functionality too and as long as that one isn't using PPTP, it's worth a try.


If your router doesn't have VPN functionality: Some NAS' do also offer this feature.
1st box: Vu+ Ultimo 4k 4xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
2nd box: Gigablue Quad 4k 2xDVB-S2 FBC / 2xDVB-C / 1.8 TB HDD / OpenATV 6.2
testing boxes: Vu+ Duo² + AX Quadbox HD2400 + 2x Vu+ Solo² + Octagon SF4008
Sats & Pay-TV: Astra 19.2°E + Hotbird 13°E with Redlight / SCT HD / SES Astra HD- / Sky V14 / 4th empire propaganda TV
Card-Server: Raspberry Pi + IPv6-capable oscam
Router: Linksys WRT1900ACS w/ LEDE + Fritz!Box 7390


15 user(s) are reading this topic

0 members, 15 guests, 0 anonymous users