Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




4705 posts

Uber Geek


#267968 20-Feb-2020 16:05
Send private message quote this post

My wish is to broadcast high quality livestreams of sports events, to anyone with an internet connection and an RTMP capable media player. 

 

My setup is to connect my camcorder to my laptop, and use OBS to capture/send the livestream over 4g/wifi to my home RTMP server, from where anyone can view the stream...ie,...

 

Camcorder/laptop -> {cloud} ->  home lan UBUNTU RTMP server  -> {cloud} ->-> video player client(s), eg, VLC

 

This actually works extraordinarily well - livestreams 1080P/50 with no dropped frames and minimal lag from anywhere to anywhere.

 

My concern is my home lan ubuntu RTMP server ... which is an intel PC, Ubuntu 18.04LTS, and NGINX with RTMP listener to relay the stream on port 1935. 

 

 

 

For this to work, I've forwarded port 1935 in my router to the ubuntu server --- it means this port exposes my ubuntu machine to the world -- is this a security risk that I should worry about? 

 

 


Create new topic
568 posts

Ultimate Geek


  #2424606 20-Feb-2020 16:51
Send private message quote this post

So generally yes, a direct exposure is not recommended. You’d want something in front usually that can handle the requests (your router would do this) that you can configure for a bit of security. Otherwise you machine itself will need to do this.

Eg. Are things that block bad requests, block spam connections or even a geoip filter to stop majority of spam from US/China/Russia

Someone can probably explain some better steps, but jist is you kinda have to have it open somehow to serve content.

'That VDSL Cat'
12343 posts

Uber Geek

Trusted
Spark
Subscriber

  #2424612 20-Feb-2020 17:20
Send private message quote this post

can you provide your ip so we can check it's secure? ;) /s





#include <std_disclaimer>

 

Any comments made are personal opinion and do not reflect directly on the position my current or past employers may have.

 


 
 
 
 


BDFL - Memuneh
67476 posts

Uber Geek

Administrator
Trusted
Geekzone
Lifetime subscriber

  #2424613 20-Feb-2020 17:24
Send private message quote this post

Port forwarding is always a risk. You will be responsible for making sure the server software does not have security vulnerabilities and update it to new versions as needed. Ideally you would be behind a proxy that could determine DDoS, credential stuffing, geolocation, etc to make sure you keep some threats at large.





 

 

These links are referral codes

 

Geekzone broadband switch | Eletricity comparison and switch | Hatch investment (NZ$ 10 bonus if NZ$100 deposited within 30 days) | Sharesies | Mighty Ape | Backblaze | Amazon | My technology disclosure 




4705 posts

Uber Geek


  #2424618 20-Feb-2020 17:40
Send private message quote this post

freitasm:

 

Port forwarding is always a risk. You will be responsible for making sure the server software does not have security vulnerabilities and update it to new versions as needed. Ideally you would be behind a proxy that could determine DDoS, credential stuffing, geolocation, etc to make sure you keep some threats at large.

 

 

Think I get it... software is updated at least. 

 

The main thing I'm worried about whether someone can use an open port vulnerability to access data and run malicious programs on windows PC's on the same lan. 

 

This is only a one day event anyway, maybe I'll just open the port for when I need it. 




4705 posts

Uber Geek


  #2424620 20-Feb-2020 17:46
Send private message quote this post

SpartanVXL: So generally yes, a direct exposure is not recommended. You’d want something in front usually that can handle the requests (your router would do this) that you can configure for a bit of security. Otherwise you machine itself will need to do this.

Eg. Are things that block bad requests, block spam connections or even a geoip filter to stop majority of spam from US/China/Russia

Someone can probably explain some better steps, but jist is you kinda have to have it open somehow to serve content.

 

Thanks, this helps..... I should mention this is only a one-off event, I don't need a permanent solution.

 

I wonder if it is possible to block all incoming requests, except for port 1935 and the request originates from NZ . Fritzbox is pretty basic though . 

 

I could just use mixer, the lag wasn't too bad compared to other live streaming platforms . 


1699 posts

Uber Geek


  #2424621 20-Feb-2020 17:51
Send private message quote this post

surfisup1000:

 

freitasm:

 

Port forwarding is always a risk. You will be responsible for making sure the server software does not have security vulnerabilities and update it to new versions as needed. Ideally you would be behind a proxy that could determine DDoS, credential stuffing, geolocation, etc to make sure you keep some threats at large.

 

 

Think I get it... software is updated at least. 

 

The main thing I'm worried about whether someone can use an open port vulnerability to access data and run malicious programs on windows PC's on the same lan. 

 

This is only a one day event anyway, maybe I'll just open the port for when I need it. 

 



General answer is, it depends.  On the port, on the software, on the O/S, on the attackers, etc.  I have hacked into systems through open ports and managed to gain SSH access on dummy systems when applying for infosec jobs (part of the technical testing).  So it's possible. 

If your network supports I would put the system running the software on a separate VLAN, at least that way you separate things.


260 posts

Ultimate Geek


  #2424711 20-Feb-2020 22:17
Send private message quote this post

Hi there
Plus you not setup vpn on router and then tunnel home? Not sure if impact on stream though.

 
 
 
 


4544 posts

Uber Geek

Trusted

  #2464276 17-Apr-2020 15:53
Send private message quote this post

Run OBS and stick it out to Youtube/Twitch/etc...

 

No port forwarding, very easy to configure, high quality (assuming the orignal content is good quality).

 

On the other hand, for a one day event?.... I probably wouldn't stress too much about just port forwarding if that's easier. But for viewers, it's certainly nicer to just hit a YouTube link than it is to load a stream in to VLC.




4705 posts

Uber Geek


  #2464285 17-Apr-2020 16:06
Send private message quote this post

chevrolux:

 

Run OBS and stick it out to Youtube/Twitch/etc...

 

No port forwarding, very easy to configure, high quality (assuming the orignal content is good quality).

 

On the other hand, for a one day event?.... I probably wouldn't stress too much about just port forwarding if that's easier. But for viewers, it's certainly nicer to just hit a YouTube link than it is to load a stream in to VLC.

 

 

Youtube/facebook/twitch/periscope and most of the others had a 5-10 second delay on live streaming. Also, some of them had restrictions on the bandwidth. 

 

That was unacceptable to me for real-time 2 way communication. 

 

Microsoft had a pretty good live streaming service, the delay was maybe 2 seconds. 

 

But, using my RTMP solution, it is maybe a 300ms delay for 1080p video. 

 

Regardless, covid-19 put an end to the event. But, there will be another day :)

 

 

 

 

 

 

 

 


Create new topic





Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Chorus completes the build and commissioning of two new core Ethernet switches
Posted 8-Jul-2020 09:48


National Institute for Health Innovation develops treatment app for gambling
Posted 6-Jul-2020 16:25


Nokia 2.3 to be available in New Zealand
Posted 6-Jul-2020 12:30


Menulog change colours as parent company merges with Dutch food delivery service
Posted 2-Jul-2020 07:53


Techweek2020 goes digital to make it easier for Kiwis to connect and learn
Posted 2-Jul-2020 07:48


Catalyst Cloud launches new Solutions Hub to support their kiwi Partners and Customers
Posted 2-Jul-2020 07:44


Microsoft to help New Zealand job seekers acquire new digital skills needed for the COVID-19 economy
Posted 2-Jul-2020 07:41


Hewlett Packard Enterprise introduces new HPE GreenLake cloud services
Posted 24-Jun-2020 08:07


New cloud data protection services from Hewlett Packard Enterprise
Posted 24-Jun-2020 07:58


Hewlett Packard Enterprise unveils HPE Ezmeral, new software portfolio and brand
Posted 24-Jun-2020 07:10


Apple reveals new developer technologies to foster the next generation of apps
Posted 23-Jun-2020 15:30


Poly introduces solutions for Microsoft Teams Rooms
Posted 23-Jun-2020 15:14


Lenovo launches new ThinkPad P Series mobile workstations
Posted 23-Jun-2020 09:17


Lenovo brings Linux certification to ThinkPad and ThinkStation Workstation portfolio
Posted 23-Jun-2020 08:56


Apple introduces new features for iPhone iOS14 and iPadOS 14
Posted 23-Jun-2020 08:28



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.