Hi Branko, Branko Pecnik schrieb:
Thanks for yours sugestions john. But I think this will not help. Apache does know nothing about RTMP. Every thing what will be rtmp, Apache will transfer to red5, bad packets to. Nothing solved with this. IP filtering is not a solutions, because most of internet users have dynamic IP, or bad guys can use proxies – TOR for example. The only real solution what I see is, that red5 must recognize bad packets (it’s content)..
starting in r2111, the handshake response sent by a client is verified and if it's invalid, the client is immediately disconnected. Please let me know if this fixes all use-cases, or if there are other areas where checking is required. Joachim
smime.p7s
Description: S/MIME Cryptographic Signature
_______________________________________________ Red5 mailing list [email protected] http://osflash.org/mailman/listinfo/red5_osflash.org
