I just received a letter re SSDP vulnerability. It refers to an IP address which in the Superhub2 is a WAN address (whatever that means). It states that I have a device connected to the network that has a potential SSDP vulnerability. I was referred to virginmedia.com/ssdp which said to check port 1900 was blocked (it is & always was). I have done/checked the following:
1) Deselected UPNP
2) Increased firewall from default low to high setting
3) I noticed in the firewall log that there were 5 ICMP Flood events (are these attacks?) & any number of TCP- or UDP-based Port Scans recorded.
4) I don't know if this is relevant factor, but our 2 iPads were for some reason no longer connected to the wireless network & when I reconnected them I had to enter the passwords again, which seems a bit strange to me. All the devices that we have are password protected as are the Superhub & wi fi extenders. WPA2-PSK(AES) security mode is selected in the hub
Can somebody please advise me where to go with this now, how can I be sure if the risk is eliminated