[Red5] "Secure" Streaming?
sven.schaetzl at stud.fho-emden.de
Sat Apr 28 09:23:52 EDT 2007
I?m searching for a technique which makes it - nearly - impossible to
"grab" a stream and save it directly to the clients harddisk.
(obviously this is possible by recording the signal on the sound card -
for mp3 - or in using a Screenrecorder - for Videos -, but besides that,
at least the latter reduces the quality, too...)
This way I want to avoid that streams can be played outside "our own"
How can I achieve this?
- With an authentication code to prevent inline-linking (see below).
Does red5 support this?
- In using Secure RTMP ?
With the server having an credible certificate and the flashplayer
But here I have to prevent Flashplayer Dissassembling, else its not very
Normally this way, even an "attack" with the help of tools like
"WireShark" should never give the possiblity to "grab" the stream?
Thanks for any thoughts / technical ways / ideas...
Protection from inline linking of video files
FlowPlayer can use authentication codes to protect against inline
linking <http://en.wikipedia.org/wiki/Inline_linking> of video and image
files. Inline linking is also known as hotlinking or direct linking. To
implement this in your site you need to use a server side script/app
that generates these authentication codes and stores them into a file
called /flowplayer_auth.txt/. The player reads the contents of this file
just before a protected clip is loaded and concatenates the contents to
clip's file name.
So if the code stored in the authentication file is
'asdfln83yrojfalu3rl' and the clip's url is 'cars.flv' the player
requests a file called 'asdfln83yrojfalu3rlcars.flv' from the server.
For this scheme to be effective the authentication code should change
periodically (for example once in a minute). Additionally the server
script/app needs to verify whether the incoming request contains a valid
code and only serve the file if the code is valid.
More information about the Red5