I just thought that firewalling would be the most obvious thing to include in the kernel while we are waiting for a way to secure the way emplode works over ethernet.
With this I can completely block all unwanted networktraffic to the player.
I work at a large site (+/- 3500 IP-adresses) and a WAN connection to over 100.000 which can all connect to my tiny empeg. Some dude from the other side of the world could download empload from the web and start trashing my empeg player once they find out which IP it's got ( fairly simple, I added an alias called 'empeg' in DNS).

I've had hackers in my home system installing some client program that was meant to flood-ping a server when it received a network-packet on a specific port. They installed a whole bunch of those programs on several machines around the world. Once they send one packet to those machines, they all begin to broadcast network-packets as fast as they can, rendering the target-machine completely isolated. They never knew who hit them as traces lead back to the hacked systems.



Frank van Gestel