# DVB-T vlc streaming server

## hogar

I want to build a dedicated server for streaming dvb-t signal over local network.

I was thinking of using hardened profile for this box since I've read that a

hardened profile is more secure than a default server profile.

This box should be running:

1. vlc - working as streaming server for dvb-t signal

2. sshd

To setup this box I'm mostly using Gentoo Security Handbook

(http://www.gentoo.org/doc/en/security/security-handbook.xml?full=1). Is

everything described in this handbook enough to build a secure server?

I would like to use grsecurity and pax so I'll use manuals from

http://www.gentoo.org/proj/en/hardened/

I was thinking of running vlc with this command:

SUDO_UID=65534 vlc-wrapper <input interface and commands> --sout udp:235.2.2.2

--ttl 12

I've only written en example of this command since I still didn't buy a dvb-t card

or a tested dvb-t streaming. Of course, I'll run vlc as daemon and I'll create a

pid file for this process.

This command creates two processes: vlc-wrapper running as root, and vlc running

and user nobody with /bin/false shell. Since vlc-wrapper is running as root and

vlc had security vulnerabilities, is this safe enough or should I run vlc from

chroot environment using only bash and vlc (minimal system using only binaries

and libraries required by this two programs and some system config files)?

Is there some other program that is better than vlc for streaming dvb-t over LAN?

Is it safe enough to properly configure sshd to use authentication based on

public key encryption as it is described in Gentoo Security Handbook and use

some other port for ssh (not the default port 22)?

Or maybe I should use port knocking, too?

Maybe all of these security measures are an overkill for this purpose.

But this computer should be on LAN in dormitory with about 700 students and I

want it to be as secure as possible.

There is a network admin for that LAN but this is a students' project.

I've never done something like this so it is an opportunity for me to learn a lot about

security, securing services, firewalls etc. Since this is in my opinion a great

learning opportunity I would like to implement as many security measures as

possible. Also I would like to have uptime for as long as possible.

Although I've been using gentoo for 4 years now I don't know much about Linux so any help

or advice would be appreciated.

----------

## col

If I were you I would just install mythtv. The you can change channels, record + so many other things.

----------

