Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.


surfisup1000

5288 posts

Uber Geek


#267968 20-Feb-2020 16:05
Send private message

My wish is to broadcast high quality livestreams of sports events, to anyone with an internet connection and an RTMP capable media player. 

 

My setup is to connect my camcorder to my laptop, and use OBS to capture/send the livestream over 4g/wifi to my home RTMP server, from where anyone can view the stream...ie,...

 

Camcorder/laptop -> {cloud} ->  home lan UBUNTU RTMP server  -> {cloud} ->-> video player client(s), eg, VLC

 

This actually works extraordinarily well - livestreams 1080P/50 with no dropped frames and minimal lag from anywhere to anywhere.

 

My concern is my home lan ubuntu RTMP server ... which is an intel PC, Ubuntu 18.04LTS, and NGINX with RTMP listener to relay the stream on port 1935. 

 

 

 

For this to work, I've forwarded port 1935 in my router to the ubuntu server --- it means this port exposes my ubuntu machine to the world -- is this a security risk that I should worry about? 

 

 


Create new topic
SpartanVXL
1319 posts

Uber Geek


  #2424606 20-Feb-2020 16:51
Send private message

So generally yes, a direct exposure is not recommended. You’d want something in front usually that can handle the requests (your router would do this) that you can configure for a bit of security. Otherwise you machine itself will need to do this.

Eg. Are things that block bad requests, block spam connections or even a geoip filter to stop majority of spam from US/China/Russia

Someone can probably explain some better steps, but jist is you kinda have to have it open somehow to serve content.



hio77
12999 posts

Uber Geek

ID Verified
Trusted
Lizard Networks

  #2424612 20-Feb-2020 17:20
Send private message

can you provide your ip so we can check it's secure? ;) /s





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 

 


freitasm
BDFL - Memuneh
79309 posts

Uber Geek

Administrator
ID Verified
Trusted
Geekzone
Lifetime subscriber

  #2424613 20-Feb-2020 17:24
Send private message

Port forwarding is always a risk. You will be responsible for making sure the server software does not have security vulnerabilities and update it to new versions as needed. Ideally you would be behind a proxy that could determine DDoS, credential stuffing, geolocation, etc to make sure you keep some threats at large.





Please support Geekzone by subscribing, or using one of our referral links: Quic Broadband (free setup code: R587125ERQ6VE) | Samsung | AliExpress | Wise | Sharesies | Hatch | GoodSync 




surfisup1000

5288 posts

Uber Geek


  #2424618 20-Feb-2020 17:40
Send private message

freitasm:

 

Port forwarding is always a risk. You will be responsible for making sure the server software does not have security vulnerabilities and update it to new versions as needed. Ideally you would be behind a proxy that could determine DDoS, credential stuffing, geolocation, etc to make sure you keep some threats at large.

 

 

Think I get it... software is updated at least. 

 

The main thing I'm worried about whether someone can use an open port vulnerability to access data and run malicious programs on windows PC's on the same lan. 

 

This is only a one day event anyway, maybe I'll just open the port for when I need it. 


surfisup1000

5288 posts

Uber Geek


  #2424620 20-Feb-2020 17:46
Send private message

SpartanVXL: So generally yes, a direct exposure is not recommended. You’d want something in front usually that can handle the requests (your router would do this) that you can configure for a bit of security. Otherwise you machine itself will need to do this.

Eg. Are things that block bad requests, block spam connections or even a geoip filter to stop majority of spam from US/China/Russia

Someone can probably explain some better steps, but jist is you kinda have to have it open somehow to serve content.

 

Thanks, this helps..... I should mention this is only a one-off event, I don't need a permanent solution.

 

I wonder if it is possible to block all incoming requests, except for port 1935 and the request originates from NZ . Fritzbox is pretty basic though . 

 

I could just use mixer, the lag wasn't too bad compared to other live streaming platforms . 


timbosan
2159 posts

Uber Geek


  #2424621 20-Feb-2020 17:51
Send private message

surfisup1000:

 

freitasm:

 

Port forwarding is always a risk. You will be responsible for making sure the server software does not have security vulnerabilities and update it to new versions as needed. Ideally you would be behind a proxy that could determine DDoS, credential stuffing, geolocation, etc to make sure you keep some threats at large.

 

 

Think I get it... software is updated at least. 

 

The main thing I'm worried about whether someone can use an open port vulnerability to access data and run malicious programs on windows PC's on the same lan. 

 

This is only a one day event anyway, maybe I'll just open the port for when I need it. 

 



General answer is, it depends.  On the port, on the software, on the O/S, on the attackers, etc.  I have hacked into systems through open ports and managed to gain SSH access on dummy systems when applying for infosec jobs (part of the technical testing).  So it's possible. 

If your network supports I would put the system running the software on a separate VLAN, at least that way you separate things.


Yoban
447 posts

Ultimate Geek


  #2424711 20-Feb-2020 22:17
Send private message

Hi there
Plus you not setup vpn on router and then tunnel home? Not sure if impact on stream though.

 
 
 

Move to New Zealand's best fibre broadband service (affiliate link). Free setup code: R587125ERQ6VE. Note that to use Quic Broadband you must be comfortable with configuring your own router.
chevrolux
4962 posts

Uber Geek
Inactive user


  #2464276 17-Apr-2020 15:53
Send private message

Run OBS and stick it out to Youtube/Twitch/etc...

 

No port forwarding, very easy to configure, high quality (assuming the orignal content is good quality).

 

On the other hand, for a one day event?.... I probably wouldn't stress too much about just port forwarding if that's easier. But for viewers, it's certainly nicer to just hit a YouTube link than it is to load a stream in to VLC.


surfisup1000

5288 posts

Uber Geek


  #2464285 17-Apr-2020 16:06
Send private message

chevrolux:

 

Run OBS and stick it out to Youtube/Twitch/etc...

 

No port forwarding, very easy to configure, high quality (assuming the orignal content is good quality).

 

On the other hand, for a one day event?.... I probably wouldn't stress too much about just port forwarding if that's easier. But for viewers, it's certainly nicer to just hit a YouTube link than it is to load a stream in to VLC.

 

 

Youtube/facebook/twitch/periscope and most of the others had a 5-10 second delay on live streaming. Also, some of them had restrictions on the bandwidth. 

 

That was unacceptable to me for real-time 2 way communication. 

 

Microsoft had a pretty good live streaming service, the delay was maybe 2 seconds. 

 

But, using my RTMP solution, it is maybe a 300ms delay for 1080p video. 

 

Regardless, covid-19 put an end to the event. But, there will be another day :)

 

 

 

 

 

 

 

 


Create new topic





News and reviews »

Air New Zealand Starts AI adoption with OpenAI
Posted 24-Jul-2025 16:00


eero Pro 7 Review
Posted 23-Jul-2025 12:07


BeeStation Plus Review
Posted 21-Jul-2025 14:21


eero Unveils New Wi-Fi 7 Products in New Zealand
Posted 21-Jul-2025 00:01


WiZ Introduces HDMI Sync Box and other Light Devices
Posted 20-Jul-2025 17:32


RedShield Enhances DDoS and Bot Attack Protection
Posted 20-Jul-2025 17:26


Seagate Ships 30TB Drives
Posted 17-Jul-2025 11:24


Oclean AirPump A10 Water Flosser Review
Posted 13-Jul-2025 11:05


Samsung Galaxy Z Fold7: Raising the Bar for Smartphones
Posted 10-Jul-2025 02:01


Samsung Galaxy Z Flip7 Brings New Edge-To-Edge FlexWindow
Posted 10-Jul-2025 02:01


Epson Launches New AM-C550Z WorkForce Enterprise printer
Posted 9-Jul-2025 18:22


Samsung Releases Smart Monitor M9
Posted 9-Jul-2025 17:46


Nearly Half of Older Kiwis Still Write their Passwords on Paper
Posted 9-Jul-2025 08:42


D-Link 4G+ Cat6 Wi-Fi 6 DWR-933M Mobile Hotspot Review
Posted 1-Jul-2025 11:34


Oppo A5 Series Launches With New Levels of Durability
Posted 30-Jun-2025 10:15









Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.