Deco M9. How to block a port to incoming traffic

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.

Deco M9. How to block a port to incoming traffic

This thread has been locked for further replies. You can start a new thread to share your ideas or ask questions.
Deco M9. How to block a port to incoming traffic
Deco M9. How to block a port to incoming traffic
2022-04-02 15:47:14
Model: Deco M9 Plus  
Hardware Version:
Firmware Version: 1.5.6 20211018

My ISP recommends that I block port 5353 to prevent a device in my network from being used as part of a botnet. 
How can I block a port?

  2      
  2      
#1
Options
6 Reply
Re:Deco M9. How to block a port to incoming traffic
2022-04-06 09:25:39 - last edited 2022-04-06 09:27:10

  @HCooney Hi, may I know which device you tried to block port 5353 for?

Normally, all the ports are closed by default for LAN-connected devices on Deco when accessing from WAN side.

  0  
  0  
#2
Options
Re:Deco M9. How to block a port to incoming traffic
2022-04-07 22:00:11

  @HCooney I received an email from my ISP. This is the text.  

 


"We're Emailing to let you know that your home network has been identified as having a potential Multicast DNS (mDNS) vulnerability.

An mDNS vulnerability is a security issue whereby a 3rd party can use this protocol to gain unauthorised access to information relating to your network/devices such as MAC addresses and services running on them. The 3rd party then can use IP spoofing to perform Distributed Denial of Service attack by directing replies from your network devices to their targeted device.

It is therefore important that you follow the advice in this Mail.
For clarity - this is not about a potential virus on your computer.
This is about a service that (probably) accidentally is exposed to the Internet

To resolve this we would recommend you to follow these instructions.

Disabling mDNS(Apple Bonjour or avahi-daemon) service if you are not using it is the easiest and the most effective solution.
Alternatively, configuring your firewall to block incoming traffic that uses UDP protocol on port 5353 would prevent anyone from accessing this service from outside your local network.

Below is some data to help you to identify the issue.

Time our source made the observation: 2022-02-06 04:44:27Z
IP-address: 109.255.42.80
 Vulnerability: exposed multicast dns

If you have any further questions, we will be happy to assist you.

With kind regards,"

HCooney wrote

My ISP recommends that I block port 5353 to prevent a device in my network from being used as part of a botnet. 
How can I block a port?


 

 

  2  
  2  
#3
Options
Re:Deco M9. How to block a port to incoming traffic
2022-04-08 09:27:53 - last edited 2022-04-08 09:30:48

  @HCooney 

Thank you very much for the further update.

Could you please go to Deco APP>Overview>Three lines on the top>Deco lap>Wi-Fi assistant>Open Port Checker and check here whether port 5353 is closed or not?

By the way, if you go to Deco APP>More>Advanced>Port forwarding, any ports are opened here?

Then please also check Deco APP>More>Advanced>UPNP, if it is enabled, please try to turn it off.

Thank you again.

Best regards.

 

  0  
  0  
#4
Options
Re:Deco M9. How to block a port to incoming traffic
2022-04-08 12:26:37

  @HCooney Thanks.  Port 5353 is not open on my smartphone.  UPNP was enabled and I have disabled it.

  0  
  0  
#5
Options
Re:Deco M9. How to block a port to incoming traffic
2022-04-11 08:57:25

  @HCooney 

Thank you very much.

And since then, have you received the notification email about MDNS again?

  0  
  0  
#6
Options
Re:Deco M9. How to block a port to incoming traffic
2022-04-13 20:43:43

  @David-TP Not so far but those messages do not come very often. It may be another month before I see one.

  2  
  2  
#7
Options