-
Get involved.
We want your input!
Apply for Membership and join the conversations about everything related to broadcasting.
After we receive your registration, a moderator will review it. After your registration is approved, you will be permitted to post.
If you use a disposable or false email address, your registration will be rejected.
After your membership is approved, please take a minute to tell us a little bit about yourself.
https://www.radiodiscussions.com/forums/introduce-yourself.1088/
Thanks in advance and have fun!
RadioDiscussions Administrators
BARIX HACK
- Thread starter Radio Bob
- Start date
Yes,
Yes, I experienced a hack on Monday
Barix 🤮🤮🤮🤮
Based on other hacks, when it happens you most likely can come up with a patch that will last a limited time. The bad guys have "seen" all of your stuff. The only way to stop a revisit is to build an new site from the ground up in a form of Linux. Or really limit access. I personally hated like my limited exposure to Linux, but a very large percentage of the hackers use it and it is really difficult to develop a virus for Linux because you end up infecting your own computer. I am sure there is someone smart enough to do it, but if you're that good you will make more money in cyber security.
In all of the Barix hacks I've heard root-caused, the station simply left the default password on their Extreamer. Most "hackers" aren't sophisticated enough to find anything novel, and Barix hasn't released any recent patches.
I don't know either personally but I doubt both "radio Bob" and 525KQ both made the same mistake within 3 days, if the made the mistake in the first place
as far as i know, anytime the barix hack has happened.. its because the default username/password wasnt changed and the barix was using a publicly accessible ip address. that simple
I thought Barix units only operated using the old "dotted Quad" (the numbers that no human can remember) address bypassing the Domain Name servers. Cheap small PCs (never a laptop!) can run most tunneling protocol schemes and can really limit access to anyone on the Internet. Just be sure to turn off updates.
Yeah, barix boxes are accessed by IP addresses.. 192.168 which is an internal ip addy or a 172 or 98. whatever which is public. And the problem is many users dont make the barix private and dont change the stock user name/password
potentially a raspberry pi thing you build yourself..... cheaper and safer but in terms of pro gear? no.. deva streamer from .. well Deva.. is more expensive but good.. and a comrex bric link is more expensive
Comrex BRIC-Link III - Move away from PTP links like Ubiquiti, only fiber, copper or an ISP provider with DOCSIS, GPON or VSDL
Unfortunately a lot of folks have* to use some kind of Internet STL. Being "old school" I would use a microwave STL if possible. Has BE messed up Marti yet?
*I get the "virtual studios" and clusters in non line of site buildings. Also it is easier and possibly cheaper for a IT person to set up and work on Internet based products.
*I get the "virtual studios" and clusters in non line of site buildings. Also it is easier and possibly cheaper for a IT person to set up and work on Internet based products.
I agree; I prefer to use an analog link. But unfortunately, the industry is filled with IT engineers who want to solve everything with encoders and Wi-Fi links.
how about.. sometimes you cant?
I cant get an STL shot 100 miles through mountains to a station here.
And when I worked in California in a rated market, no free microwave STL frequency was available. We were told there was, lit up and half a day after, another station bitched saying we were on their frequency.
The city had no landline service, very very power cell service, but the locally owned wireless ISP shared a tower with the radio station. We had a comrex briclink at the station on DSL and a private wireless internet rec'v at the tower. Was flawless except when winds were so bad it blew the wireless dish out of alignment.
When I was in the USAF as a "radio relay repair man" (pre PC days) the AN TRC 97A van had an tropo option. Anything more than line of site got tropo. In fact the was a cold weather "low power tropo option" that was used often in snow or extreme fog around Elgin and Gulf Coast for line of site shots. I would believe any 100 mile shot would be subject to thermal inversions, rain, snow etc. anywhere no just Alaska.
KRVN-AM has a back up microwave STL shot and a 3rd STL because the STL goes across a river and because its such a vital station, they have a back up to a back up
Are they an EAS " input" station?
Back to Barix sort of. After 9/11, I am paranoid of some creative person figuring out how to cause harm the USA. Do any EAS origination stations use Barix? Is this just a "test" hoping we will think it's a password issue when it is something else? I guess I will have to see a therapist not to wonder.