Securifi Community Forum

Securifi Products => Almond 2015 => Topic started by: lofftjm on October 25, 2016, 09:23:00 am

Title: Port open to the world
Post by: lofftjm on October 25, 2016, 09:23:00 am

I am using an Almond 2015.

After lsast weeks DDoS attacks I did a little poking around and found that port 8888 is open to everyone and reponds with a 404 message:  (I masked my real IP in the output below)

I tried the following from a server outside of my network:

linode> curl http://123.456.789.123:8888
<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1>The requested URL was not found on this server.</BODY></HTML>

I believe that I verified that it is the Securifi Almond 2015 that is listing on port 8888 by trying to access it from inside my netwotk on the same port:

iMac> curl http://10.10.10.254:8888
<HTML><HEAD><TITLE>404 Not Found</TITLE></HEAD><BODY><H1>Not Found</H1>The requested URL was not found on this server.</BODY></HTML>

I know that my one and only "server" inside my netowrk is not listening on that port beucase both of the following returned no results:

iMac> netstat -anp udp| grep 8888

iMac> netstat -anp tcp | grep 8888

I do have other devices on the network (An Almond Peanut Plug, DVR's, tablets, phones etc) but in My Almond config I can't find any UPnP settings so I suppose it is a possibility that one of these devices poked a hole for port 8888.

Lastly "Remote management (via WAN)" is set to Deny and "DMZ Settings" is set to Disable.

How can I determine exactly what is listening on port 8888 and shut it off?

Title: Re: Port open to the world
Post by: mparadis on October 25, 2016, 09:42:57 pm

Interesting. I don't have an answer for you buy am interested in hearing the outcomes here.

Title: Re: Port open to the world
Post by: Ashok on October 31, 2016, 09:19:23 am

@ lofftjm,

Mini upnp daemon is running on port 8888 and once we disable the UPNP, there shouldn't be any issues. This would be taken care through our next release.