Deco M9. How to block a port to incoming traffic
My ISP recommends that I block port 5353 to prevent a device in my network from being used as part of a botnet.
How can I block a port?
@HCooney Hi, may I know which device you tried to block port 5353 for?
Normally, all ports are closed by default for LAN-connected devices on Deco when accessed from the WAN side.
@HCooney I received an email from my ISP. This is the text.
"We're emailing to let you know that your home network has been identified as having a potential Multicast DNS (mDNS) vulnerability.
An mDNS vulnerability is a security issue whereby a 3rd party can use this protocol to gain unauthorised access to information relating to your network/devices such as MAC addresses and services running on them. The 3rd party can then use IP spoofing to perform a Distributed Denial of Service attack by directing replies from your network devices to their targeted device.
It is therefore important that you follow the advice in this mail.
For clarity - this is not about a potential virus on your computer.
This is about a service that (probably) accidentally is exposed to the Internet.
To resolve this we would recommend you follow these instructions.
Disabling the mDNS (Apple Bonjour or avahi-daemon) service if you are not using it is the easiest and the most effective solution.
Alternatively, configuring your firewall to block incoming traffic that uses the UDP protocol on port 5353 would prevent anyone from accessing this service from outside your local network.
Below is some data to help you to identify the issue.
Time our source made the observation: 2022-02-06 04:44:27Z
IP-address: 109.255.42.80
Vulnerability: exposed multicast dns
If you have any further questions, we will be happy to assist you.
With kind regards,"
Thank you very much for the further update.
Could you please go to Deco APP>Overview>Three lines on the top>Deco Lab>Wi-Fi assistant>Open Port Checker and check there whether port 5353 is closed or not?
By the way, if you go to Deco APP>More>Advanced>Port forwarding, are any ports opened there?
Then please also check Deco APP>More>Advanced>UPNP. If it is enabled, please try to turn it off.
Thank you again.
Best regards.
@HCooney Thanks. Port 5353 is not open on my smartphone. UPNP was enabled and I have disabled it.
Thank you very much.
And since then, have you received the notification email about MDNS again?
@David-TP Not so far but those messages do not come very often. It may be another month before I see one.
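Rather than waiting for the next ISP notice, the exposure can be re-tested directly. The script below is an added example, not part of the original thread or any TP-Link tool: it sends one unicast DNS-SD service-enumeration query to UDP port 5353 and reports whether an mDNS responder answers. It assumes you run it from a machine outside the home network (for example a phone hotspot) against your own public IP address; the function names and the query ID are illustrative choices.

```python
import socket
import struct
import sys

SERVICE_ENUM = "_services._dns-sd._udp.local"  # DNS-SD "list services" name
TXID = 0x1234  # arbitrary query ID (constructed value)


def build_query(name=SERVICE_ENUM, txid=TXID):
    """Build a single-question DNS PTR query (QTYPE 12, QCLASS IN)."""
    header = struct.pack("!6H", txid, 0, 1, 0, 0, 0)
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii") for label in name.split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!2H", 12, 1)


def is_mdns_answer(data, txid=TXID):
    """True if data is a DNS response to our query with at least one answer."""
    if len(data) < 12:
        return False
    rid, flags, _qd, ancount, _ns, _ar = struct.unpack("!6H", data[:12])
    return rid == txid and bool(flags & 0x8000) and ancount > 0


def exposed(host, port=5353, timeout=3.0):
    """Send the query as unicast UDP; True if an mDNS responder answers."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.sendto(build_query(), (host, port))
            data, _addr = sock.recvfrom(4096)
        except OSError:  # timeout or ICMP unreachable: nothing answered
            return False
    return is_mdns_answer(data)


if __name__ == "__main__":
    # Usage: python3 mdns_check.py <your own public IP>
    target = sys.argv[1]
    state = "EXPOSED" if exposed(target) else "no reply (filtered or disabled)"
    print(f"udp/5353 on {target}: {state}")
```

A single UDP probe can be lost in transit, so repeat the check a few times before treating "no reply" as confirmation that the port is filtered.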