3 Replies Latest reply: Jan 29, 2010 1:32 AM by Janaki Lakshmikanthan RSS

    How to secure live encoding

    CarphuntinGod Community Member

      We just found out someone is bouncing a pirated feed off our FMIS 3.5.2 server.

       

      So... after months of not having to look at this thing (and not remembering crap about parts of the setup), I'm trying to discover a few things.

       

      First is, how do we tell FMIS which vhost allows live encoding?   Second, as I look at the logs and logger.xml, I'm trying to tell how to force it to show the ip's of inbound/outbound traffic.  Think I'm doing the right things to the file, but the log for the application/entry point the pirate is using doesn't show what I believe I configured to be the fields that should show up in the log.   Finally, trying to figure out how to force authentication of media encoders talking to the server.

       

      I'm scanning the online help docs, etc. trying to remember all this stuff.... but if anyone can say "look at this page in the pdf, and this page in the online" to affect what I need to do to lock this up quick, the help would be much appreciated.

        • 1. Re: How to secure live encoding
          JayCharles Community Member

          You can't restrict what clients can and can't do on a given Vhost by configuration.

           

          I find that the best solution is to secure your application via actionscript. See discussion here:

           

          http://forums.adobe.com/thread/542789?tstart=0

          • 2. Re: How to secure live encoding
            CarphuntinGod Community Member

            Well, at least for now we've loaded the fmle authentication module into our 352 fmis.  Unless you people tell me differently, it appears you have to give a name and pass to get an encoder to talk through our box.   this appears to be enough for us to stop the current pirate pumping stuff off our server.

             

            Now that we have this auth module in, where do access FMLE attempts/denies get logged?  The access.log files in /fms35server/logs don't appear to show user access granted/denied entries.   do they exist somewhere else? or do we have to do some alteration to logger.xml?

            • 3. Re: How to secure live encoding
              Janaki Lakshmikanthan Employee Hosts

              If a user tries to connect to FMS and the server denies the connection, access.log should have events "connect" and "disconnect" logged in it with relevant status code - The reason why it is disconnected. If you are managing this using Authorization PlugIn, you should find similar logs in authEvent log file as well. The status code list and its description can be seen in "FMS Configuration and Admin" doc. Make sure you have enabled required Events and fields for 'access' and 'authEvent' logs in Logger.xml.

               

              Regards,

              Janaki L