[VU+ Solo2] Have I been hacked?



Grinnders
23-04-14, 22:25
Whilst watching BBC News or some other FTA channel the transmission will pause and then switch to another non FTA channel and freeze.

I cannot see any timers setup related to that time or channel, so I am starting to worry that recent 'friends' may not be what they appear???

Or could it be the EPG refresh for Sky???? (but I am sure that is set for the early morning and not 10pm.)

It has just flicked to another channel with the record light flashing.. but it's not on a timer and now another satellite entirely.....

Any ideas gratefully appreciated.

judge
23-04-14, 22:36
Have you opened any ports for streaming remotely?

Grinnders
23-04-14, 22:47
Yes. :rolleyes:

Larry-G
23-04-14, 22:50
It's certainly possible and opening ports is the easiest way to allow someone to gain access to your receiver. As for the EPG theory, that would not happen. CrossEPG (I am assuming you're using CrossEPG) in ViX is set to use a spare tuner by default, so all you would see is a banner on the screen showing its progress, without taking it away from the channel you're watching.

Grinnders
23-04-14, 23:00
Ok. Thanks. I have quickly changed my port mapping to be different externally to internally. That seems to have calmed it down. Trouble is I don't know which of my new 'friends' it may have been. But I really appreciate your insight.

judge
23-04-14, 23:05
Yes. :rolleyes:

I'd guess that's your problem... People really shouldn't be opening streaming or any other ports to a public network unless you want your tuners used, bank account details stolen & so on...

Grinnders
23-04-14, 23:13
Is there a secure password controlled way of streaming? I assume there must be but perhaps I haven't configured it well enough.

judge
23-04-14, 23:20
Is there a secure password controlled way of streaming? I assume there must be but perhaps I haven't configured it well enough.

'Secure' passwords & streaming don't currently work too well AFAIK.
You could try setting up a VPN for your devices to use, but again unless you know what you're doing, I wouldn't.
Never open a port to a public network without protection...

AzZ
23-04-14, 23:20
Is there a secure password controlled way of streaming? I assume there must be but perhaps I haven't configured it well enough.

Yes. Set up a VPN.

http://www.world-of-satellite.com/showthread.php?36336-Guide-to-setting-up-an-OpenVPN-server-on-Vix

Rob van der Does
24-04-14, 06:09
Trouble is I don't know which of my new 'friends' it may have been.
The telnet command 'netstat' would have told you exactly which IP('s) was/were connected.

MeeŽkat
24-04-14, 06:49
Is there a secure password controlled way of streaming? I assume there must be but perhaps I haven't configured it well enough.


The first thing to do is make sure your ftp password is set to something that only you will know.. second thing to do is to set your Http port to something much higher than the default 80 port... something like 28080 as an example... and lastly in OpenWebif set (Enable Http Authentication) and (Enable Authentication for streaming) to yes.

I doubt that this will be one of your friends playing funny buggers as there is software that scans for open ports which is readily available on the net so keep things secure mate if you are going to start opening ports to the world wide web.

MK

stevejd2001
24-04-14, 19:23
The first thing to do is make sure your ftp password is set to something that only you will know.. second thing to do is to set your Http port to something much higher than the default 80 port... something like 28080 as an example... and lastly in OpenWebif set (Enable Http Authentication) and (Enable Authentication for streaming) to yes.

I doubt that this will be one of your friends playing funny buggers as there is software that scans for open ports which is readily available on the net so keep things secure mate if you are going to start opening ports to the world wide web.

MK

correct me if wrong, but only reason to open ports would be to transcode....
after 800 builds transcoding was forced to using default http port 80, so therefore will not be able to change to 28080 as you state.
don't know if this is still the case in helios, if anyone can confirm

Larry-G
24-04-14, 19:29
correct me if wrong, but only reason to open ports would be to transcode....
after 800 builds transcoding was forced to using default http port 80, so therefore will not be able to change to 28080 as you state.
don't know if this is still the case in helios, if anyone can confirm

The transcoding plugin itself is hardcoded to use that port, there is nothing we can do about it.

Trial
24-04-14, 19:42
Hi,
port on VU+ must be 80 but this does not mean that it must be port 80 from the internet.

ciao

Walt
28-04-14, 18:56
I've had the same problem and have no idea how to have functionality from outside on my phone without others getting access.

Grinnders
26-09-14, 00:38
Getting back on this.. As I recently reflashed the box and started suffering again. I think I was Not enabling HTTP authentication for OpenWebif and enabling HTTP Authentication for streaming too so some real basic flaws there. At least I had set my password.
Would HTTPS be any stronger in some way? I can't see where it brings value (presuming uses same name/pwd) although I appreciate the S stands for secure.

Rob van der Does
26-09-14, 06:14
https brings no advantage: it's also a user/pass to get in.
Only once in, the data is encrypted (good when banking via a public WiFi connection).

But, as has been mentioned before: the telnet command 'netstat' tells you exactly who is connected to your box.
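
Added example, not part of the original thread: a shell helper that reduces the `netstat -tn` output mentioned above to established connections whose remote address lies outside the private, loopback and link-local ranges. The connection table in `sample_netstat` is constructed; on the receiver the input would be `netstat -tn | external_peers`.

```shell
#!/bin/sh
# external_peers: read `netstat -tn` output on stdin and print
# "<count> <remote address> -> local port <port>" for every established
# TCP connection whose peer is not a private/loopback/link-local address.
external_peers() {
    awk '
    $1 ~ /^tcp/ && $NF == "ESTABLISHED" {
        la = $4; ra = $5
        sub(/^::ffff:/, "", la); sub(/^::ffff:/, "", ra)   # IPv4-mapped IPv6
        lport = la; sub(/.*:/, "", lport)                  # keep local port only
        rip = ra;   sub(/:[0-9]+$/, "", rip)               # drop remote port
        # skip LAN, loopback and link-local peers
        if (rip ~ /^(10\.|127\.|169\.254\.|192\.168\.|172\.(1[6-9]|2[0-9]|3[01])\.|::1$|fe80:|f[cd][0-9a-f][0-9a-f]:)/) next
        seen[rip " -> local port " lport]++
    }
    END { for (k in seen) print seen[k], k }' | sort -k2
}

# Constructed sample of `netstat -tn` output (documentation addresses only).
sample_netstat() {
cat <<'EOF'
Active Internet connections (w/o servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State
tcp        0      0 192.168.1.50:80         192.168.1.20:51544      ESTABLISHED
tcp        0      0 192.168.1.50:8001       203.0.113.77:40112      ESTABLISHED
tcp        0      0 192.168.1.50:80         203.0.113.77:40110      ESTABLISHED
tcp        0      0 192.168.1.50:80         203.0.113.77:40111      ESTABLISHED
tcp        0      0 192.168.1.50:23         192.168.1.20:51600      ESTABLISHED
tcp        0      0 ::ffff:192.168.1.50:80  ::ffff:198.51.100.9:6022 TIME_WAIT
EOF
}

sample_netstat | external_peers
```

Anything this prints while nobody in the household is streaming remotely is a connection to investigate; the LAN and TIME_WAIT lines in the sample are filtered out.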

pembo
27-09-14, 06:42
So - I've got a couple of different methods of doing this without directly exposing the sat box ports, but they require some advanced knowledge.

In reverse order of complexity...


IP Sec VPN
Setup your own ikev2 or openVPN vpn server, map these ports in the router, and use this to connect into the network
There's tutorials around, but it's not for the faint hearted!

SSH Access to the network
Map the SSH port to the router (I do this through a raspberry pi not sat box), make sure you have changed all the default passwords to something strong, and consider setting up public/private key auth for added security. Map it to a non-ssh external port otherwise every script kiddy will take a pop, and even on a different port, you'll constantly get brute force hack attempts. A cert prevents intrusion, and you can use something like deny hosts to block. From here you can SSH into your network and use tunnels/port forwards to access the streaming / webif ports on the sat box.

In android you can use something like connectbot to connect in and do this. A player app then connects into 'localhost' on the tunnelled ports.

Again, there are some tutorials for creating/adding certs to SSH.

PHP Proxy and apache security
On a server create a PHP page with the code similar to the following replacing the IP address and channel ID.



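<?php
// Relay one channel stream from the sat box through this server.
set_time_limit(24*3600); // allow long-running streams (24 hours)

// Replace the placeholders with the box's address, port and channel ID.
$s = fopen("http://<IP ADDRESS>:<PORT>/<CHANNEL ID>", "rb");
if ($s === false) {
    // Box unreachable or request refused: stop instead of looping on a bad handle.
    http_response_code(502);
    exit;
}

// Forward the box's response headers to the client.
foreach ($http_response_header as $h) {
    header($h);
}

// Copy the stream to the client in 4 KB chunks.
while (!feof($s)) {
    echo fread($s, 4096);
}

fclose($s);
?>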



Map ip/port into router, and this will then allow you to access the stream via this php page.
You can then secure with a .htaccess file, perhaps even rewrite the URL if the player needs it.


All require some technical knowledge though
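
Added example, not part of the original post: a check for the SSH option above that reads an `sshd_config` and reports whether password or root logins are still possible once the port is reachable from outside. It assumes OpenSSH semantics (first occurrence of a keyword wins, absent keywords take their defaults) and does not evaluate `Match` blocks; both sample configs are constructed.

```shell
#!/bin/sh
# audit_sshd: read an sshd_config on stdin and report global settings that
# still allow password or root logins. Assumed OpenSSH rules: keywords are
# case-insensitive, the first occurrence wins, absent keywords use defaults.
audit_sshd() {
    awk '
    /^[ \t]*(#|$)/ { next }                      # skip comments and blanks
    {
        line = $0; sub(/^[ \t]+/, "", line)
        split(line, f, /[ \t=]+/)                # "Key value" or "Key=value"
        k = tolower(f[1])
        if (k == "match") exit                   # conditional blocks not evaluated
        if (!(k in v)) v[k] = tolower(f[2])      # first occurrence wins
    }
    END {
        pw   = ("passwordauthentication" in v) ? v["passwordauthentication"] : "yes"
        pk   = ("pubkeyauthentication"   in v) ? v["pubkeyauthentication"]   : "yes"
        root = ("permitrootlogin"        in v) ? v["permitrootlogin"] : "prohibit-password"
        if (pw != "no")    { print "WEAK passwordauthentication=" pw; bad = 1 }
        if (pk != "yes")   { print "WEAK pubkeyauthentication=" pk;   bad = 1 }
        if (root == "yes") { print "WEAK permitrootlogin=yes";        bad = 1 }
        if (!bad) print "OK key-only login, no root password login"
    }'
}

# Constructed sample: password login left at its default, root login allowed.
weak_cfg() {
cat <<'EOF'
Port 22
PermitRootLogin yes
#PasswordAuthentication no
EOF
}

# Constructed sample: key-only login; the later duplicate line is ignored by sshd.
hardened_cfg() {
cat <<'EOF'
PasswordAuthentication no
PubkeyAuthentication yes
PermitRootLogin no
PasswordAuthentication yes
EOF
}

weak_cfg | audit_sshd
hardened_cfg | audit_sshd
```

With key login in place, the tunnel described above is `ssh -N -p <external port> -L 8080:<sat box LAN IP>:80 <user>@<home address>`, after which the client connects to `localhost:8080`; the angle-bracket values and local port 8080 are placeholders.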

jukkal
27-09-14, 08:28
Getting back on this.. As I recently reflashed the box and started suffering again. I think I was Not enabling HTTP authentication for OpenWebif and enabling HTTP Authentication for streaming too so some real basic flaws there. At least I had set my password.
Would HTTPS be any stronger in some way? I can't see where it brings value (presuming uses same name/pwd) although I appreciate the S stands for secure.

I think the main advantage of https in this context is that your password gets encrypted when it is passed through the network.

Grinnders
28-09-14, 22:49
I tried the Open VPN route and had great success... right up until my iphone refused to recognise the embedded certificates in the client.ovpn. I'm going to try with a Nexus 7, but if anyone can help.. I raised this comment against the OpenVPN instruction thread.