Menu
Reply
  • 2
  • 0
  • 0
Lanky66
Joining in
152 Views
Message 1 of 2
Flag for a moderator

SSDP vulnerability letter

I just received a letter re SSDP vulnerability. It refers to an IP address which in the Superhub2 is a WAN address (whatever that means). It states that I have a device connected to the network that has a potential SSDP vulnerability. I was referred to virginmedia.com/ssdp which said to check port 1900 was blocked (it is & always was). I have done/checked the following:

1) Deselected UPNP

2) Increased firewall from default low to high setting

3) I noticed in the firewall log that there were 5 ICMP Flood events (are these attacks?) & any number of TCP- or UDP-based Port Scans recorded.

4) I don't know if this is relevant factor, but our 2 iPads were for some reason no longer connected to the wireless network & when I reconnected them I had to enter the passwords again, which seems a bit strange to me. All the devices that we have are password protected as are the Superhub & wi fi extenders. WPA2-PSK(AES) security mode is selected in the hub

Can somebody please advise me where to go with this now, how can I be sure if the risk is eliminated

Thanks 

0 Kudos
Reply
  • 2
  • 0
  • 0
Lanky66
Joining in
147 Views
Message 2 of 2
Flag for a moderator

Re: SSDP vulnerability letter

I have just discovered that the firewall on my Synology NAS was disabled, don't know if this the potential vulnerability that was picked up

0 Kudos
Reply