hello ravenstar, im still on superhub 1, so i dont have the seting like in ur screenshot with local port range 65535-65535 so is it just the case of port forwarding like below? does it still work out fixing the problem, thanks
name portrange Protocal ip address SSDP 1900 UDP 192.168.0.253 mDNS 5353 UDP 192.168.0.253
As have others, I've received the mDNS letter. A Shodan IOT search confirms mDNS port open on my public IP.
However, a nmap scan on my network doesn't show any devices listening on the port and I don't have any port forwarding rules at all in the SuperHub3.
The only thing I can think of is that I've only recently removed my raspberry pi from the DMZ, so maybe that showed up...
I'm thinking as nmap shows no mDNS ports listening and there aren't any firewall rules I can modify that there's not a lot I can/need to do..!?! Frustrating that you can't apply deny rules to the inbound rules on the firewall.
Don't Virgin (Yes they do - Just checked) Block the netbios ports from 135 - 139 !!!
And i am curious as to why i received a letter saying i had been compromised on my own network (DId make me laugh) !! I am running a ps3 media server program which shares all my media and no one can access this unless they are on my subnet. I know my way around a cisco network / switches and company routing.
Just looked at Shadowscan. WTG geniuses. Pop out the information that there is between 4 and 8 million DNS Amp attack boxes that are still alive. You only need a handful to completely cripple a website. And to make it worse, they told you what countries have the highest and what port. I always wondered where some idiots got their IP ranges from for Amp Scanning.
Anyway, if it helps, i binned the letter and ignored it, as for me, it was a mere informational.
EDIT - For anyone who has a linux box, just enter then following to see if your box has NTP enabled and running.