Re: RealServer exposes internal IP addresses

From: Doug Monroe (monwelat_private)
Date: Thu Mar 09 2000 - 08:18:37 PST


    tschweikleat_private wrote:
    >RealServer exposes internal IP addresses if requested to
    >deliver real media files:
    >62.158.114.150 -> 192.168.13.33 HTTP
    >   GET /ramgen/extern/genoverb/weinkauf.rm HTTP/1.0
    >192.168.13.33 -> 62.158.114.150 HTTP
    >   (proxy) R port=1210
    >192.168.13.33 -> 62.158.114.150 HTTP
    >   HTTP/1.0 200 OK
    >192.168.13.33 -> 62.158.114.150 HTTP
    >   rtsp://192.168.13.33:554/extern/genoverb/weinkauf.rm
    >The Server is located inside a DMZ. Network-Address
    >translation is in effect from internet as is from campus.
    >In my opinion this may be useful for an intruder, and
    >RealNetworks should fix this. I've informed them about
    >6 weeks ago, calling them again four weeks later, then
    >14 days ago, but no reaction on their side until now.
    
    FWIW - some time ago (Sept.99) I addressed this issue with Real. I sent them
    a similar bit of info:
     >$ GET http://realg2.example.com:8080/ramgen/foo.rm
     >reveals-
     >rtsp://192.168.11.12:554/foo.rm
     >--stop--
     >pnm://192.168.11.12:7070/foo.rm
     >server info:
     >WinNT Version 6.0.3.303
    
    I got this reply:
     >> 1. Add the following line to the end of your rmserver.cfg:
     >> <Var HostName="IP-or-HostName"/>
     >> 2. In the URL add the text "?usehostname"
     >> so that your URL will look like:
     >> http://demos.real.com:8080/ramgen/g2video.rm?usehostname
     >> The variable <Var HostName="IP-or-HostName"/>  is only supported in
     >> the RealServer 6.1 Beta version.
    
    I don't have any idea what version they're up to currently or if any of
    this indeed works...
    I lost interest myself.
    --
    Doug Monroe
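
An added example, not part of the original message and not RealNetworks code: a check for the leak discussed in this thread, which scans a ramgen response body for rtsp:// or pnm:// URLs whose host is a private IP literal. The function name and both sample bodies are assumptions; the first sample is modelled on the output quoted above, the second is constructed to show a hostname-based response.

```python
import ipaddress
import re
from urllib.parse import urlsplit

# Stream URL schemes that appear in the ramgen responses quoted in this thread.
STREAM_URL = re.compile(r"\b(?:rtsp|pnm)://[^\s\"'<>]+", re.IGNORECASE)


def leaked_internal_hosts(body):
    """Return (url, host) pairs whose host is a non-public IP literal."""
    findings = []
    for url in STREAM_URL.findall(body):
        try:
            host = urlsplit(url).hostname
            addr = ipaddress.ip_address(host or "")
        except ValueError:
            # Host is a name, not an IP literal: nothing internal is disclosed
            # by the URL itself.
            continue
        # is_private covers RFC 1918 ranges as well as loopback and link-local.
        if addr.is_private:
            findings.append((url, host))
    return findings


# Modelled on the response quoted in the message above.
SAMPLE_LEAKY = (
    "rtsp://192.168.11.12:554/foo.rm\n"
    "--stop--\n"
    "pnm://192.168.11.12:7070/foo.rm\n"
)

# Constructed: what a response would look like if the server advertised a
# hostname instead of its own interface address (assumption).
SAMPLE_HOSTNAME = (
    "rtsp://realg2.example.com:554/foo.rm\n"
    "--stop--\n"
    "pnm://realg2.example.com:7070/foo.rm\n"
)

if __name__ == "__main__":
    for label, body in (("leaky", SAMPLE_LEAKY), ("hostname", SAMPLE_HOSTNAME)):
        hits = leaked_internal_hosts(body)
        print(label, "->", hits if hits else "no internal addresses found")
```

Run it against the saved response body from your own server's /ramgen/ URL, fetched from outside the NAT boundary, to confirm whether a configuration change removed the internal address.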
    



    This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:39:43 PDT