Yes your previous post scared me and I closed the port forwarding right away but my LMS still crashed. Doesn't it seem weird and highly unlikely that if this was a hacker that they would access my system to initiate a scan of my images, and my LMS would crash WITHIN ONE MINUTE of the exact same time on the previous day?
Check the scanner settings: maybe there are additional paths set up to be scanned for images. And check the audo scan plugin: it might have been set up to trigger a scan at some time of the day, causing the one minute exact crash you're seeing.
Yes, it seems unlikely, and even a few days ago I would not have believed it. But there are so many reports of that one plugin being "automatically" installed and configured to scan useless folders, combined with crashes and those users exposing their LMS to the internet, that I no longer have any doubts this is happening.
And why would a scan of all my images on my pc bring LMS down anyways?
As I said the image resizer might have a vulnerability making crashes likely if the scan hits certain files. Eg. I've seen it crash on extreme ratios (eg. 1x500px) etc. Or there might be files which actually aren't images, but for whatever reason have the an ending making the scanner think it was an image and crash it.
But really, I shouldn't need to defend my hint about your open ports. Crashing LMS is annoying. But keeping the port open would allow a hacker to install _his_ plugin which could do all kinds of ugly things. I'm actually tempted to do a proof of concept hack to scare the h... out of you guys questionning my conclusion ;-)
-- Michael _______________________________________________ Squeezecenter mailing list [email protected] http://lists.slimdevices.com/mailman/listinfo/squeezecenter
