Jellyfin's an awesome open source home media server. I'll show you how I use it to organize my movies and TV shows.Part 1 (how I rip media to my computer) he...
My Jellyfin server keeps getting pinged by EMOTET malware lately. Everyone here should be aware if you expose the Jellyfin port to the internet it will get data exfiltration attempts. Use strong passwords.
This is the biggest downfall of Emby/Jellyfin IMO. It’s a tradeoff from being reliant on Plex’s authentication servers, but requires a lot of technical knowledge to setup correctly (rather than just port forwarding and relying on a strong password).
The employee who got hacked was both using an insecure password (the exploit needs access to an admin account) and his Plex install was 2.5 years out of date.
Sure was! You need to be on top of paid and free and open source software from a security stand point. There’s no shortcut no matter what you think you’re paying for. Your threat model might be better when the service automates a Web proxy for you, but that’s only one facet. You trade problems but should never feel like you can “set and forget”. Sometimes it’s better for you to do it yourself because there’s no lying about responsibilities that way.
My Jellyfin server keeps getting pinged by EMOTET malware lately. Everyone here should be aware if you expose the Jellyfin port to the internet it will get data exfiltration attempts. Use strong passwords.
Why not use a reverse proxy to keep everything on port 443 behind your own domain or duckdns? /gen
Can you link a good resource for me to set this up myself ? To many similar but different guides and my ADD makes it impossible to reach the goal.
Look up Caddy V2 probably the most dead simple reverse proxy I’ve seen and they have solid documentation
I do this already and also am inside an encrypted Cloudflare tunnel… Still getting EMOTET warnings from my IDS.
This is the biggest downfall of Emby/Jellyfin IMO. It’s a tradeoff from being reliant on Plex’s authentication servers, but requires a lot of technical knowledge to setup correctly (rather than just port forwarding and relying on a strong password).
Plex was how last pass got hacked. https://www.howtogeek.com/147554/lastpass-data-breach-shows-why-plex-updates-are-important/
You still need to do stuff even if it is plex.
The employee who got hacked was both using an insecure password (the exploit needs access to an admin account) and his Plex install was 2.5 years out of date.
Sure was! You need to be on top of paid and free and open source software from a security stand point. There’s no shortcut no matter what you think you’re paying for. Your threat model might be better when the service automates a Web proxy for you, but that’s only one facet. You trade problems but should never feel like you can “set and forget”. Sometimes it’s better for you to do it yourself because there’s no lying about responsibilities that way.
How can you see that?
https://kbin.social/m/piracy@lemmy.dbzer0.com/t/618979/-/comment/3514808
That link doesn’t work :/
Use it behind a VPN
Don’t expose anything directly to the Internet except a VPN with strong auth.
Get a reverse proxy and strong passwords if you share with your loved ones.
There’s wireshark for Android. Put your public key on the phone and you’re almost done.
You’re thinking of WireGuard. WireGuard is a packet capture software.
Tailscale works nicely as well