bottleneck
Choose style:

Author Topic: Port open to the world  (Read 1497 times)

0 Members and 1 Guest are viewing this topic.

Offline lofftjm

  • Newbie
  • Posts: 2
  • Thanks: 0
  • Registered : 29/06/2015
    YearsYearsYearsYearsYears
Port open to the world
« on: October 25, 2016, 09:23:00 am »
I am using an Almond 2015.

After lsast weeks DDoS attacks I did a little poking around and found that port 8888 is open to everyone and reponds with a 404 message:  (I masked my real IP in the output below)

I tried the following from a server outside of my network:

linode> curl http://123.456.789.123:8888
<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1>The requested URL was not found on this server.</BODY></HTML>

I believe that I verified that it is the Securifi Almond 2015 that is listing on port 8888 by trying to access it from inside my netwotk on the same port:

iMac> curl http://10.10.10.254:8888
<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1>The requested URL was not found on this server.</BODY></HTML>

I know that my one and only "server" inside my netowrk is not listening on that port beucase both of the following returned no results:

iMac> netstat -anp udp| grep 8888

iMac> netstat -anp tcp | grep 8888

I do have other devices on the network (An Almond Peanut Plug, DVR's, tablets, phones etc) but in My Almond config I can't find any UPnP settings so I suppose it is a possibility that one of these devices poked a hole for port 8888.

Lastly "Remote management (via WAN)" is set to Deny and "DMZ Settings" is set to Disable.

How can I determine exactly what is listening on port 8888 and shut it off?

Offline mparadis

  • Backer
  • *
  • Posts: 1765
  • Thanks: 3
  • Registered : 02/08/2013
    YearsYearsYearsYearsYearsYearsYears
Re: Port open to the world
« Reply #1 on: October 25, 2016, 09:42:57 pm »
Interesting. I don't have an answer for you buy am interested in hearing the outcomes here.

Offline Ashok

  • Securifi Staff
  • *
  • Posts: 2769
  • Thanks: 3
  • Registered : 25/07/2014
    YearsYearsYearsYearsYearsYears
Re: Port open to the world
« Reply #2 on: October 31, 2016, 09:19:23 am »
@ lofftjm,

Mini upnp daemon is running on port 8888 and once we disable the UPNP, there shouldn't be any issues. This would be taken care through our next release.
« Last Edit: October 31, 2016, 09:23:39 am by Ashok »

 

Page created in 0.036 seconds with 22 queries.

bottleneck