Menu
Reply
manafest
  • 20
  • 0
  • 0
On our wavelength
648 Views
Message 1 of 10
Flag for a moderator

Network Attack email & Multicast DNS letter

Hi all,

Ok so a few weeks back (July 18th) i got a letter stating "your home devices could be at risk" A device connected to my network has been identified as having a potential multicast DNS vulnerability.

I put this down to recently putting my PS4 into a DMZ. So i changed that back to see if that might of been the cause.

I recieved another letter on the 21st saying the same thing and now wondered if it was in fact a recent update i had to my router causing this issue to show up as a false problem (its a gaming router so it prioratises certain traffic and some other wizardry.

Today i recieved an email saying:

"They had been notified by a third party that malicious traffic has been detected coming from a device using your internet connection."

(REF:VMIS60-NETWORKATTACKS-F008290268)

I have a Netduma Router and can see all the devices connected to my network and there isn't anything on there that shouldn't be. I've run Security, Spybot and Malwarebytes scan on My computer and my two kids laptops with all coming back clean. I've even scanned my phone, being the only android devices in the house and thats come back clean also.

Is it possible that I've been emailed in error?

The email states that if its not fixed then they could suspend or cancel my broadband!

Obviously i don't want that to happen but with nothing new on my network and all devices have been scanned and checked I'm not sure what else I'm supposed to do.

If anyone at Virgin could shed some light on the matter I'd appreciate it.

 

Regards

-James

 

0 Kudos
Reply
MikeRobbo
  • 15.27K
  • 1.17K
  • 1.94K
Alessandro Volta
644 Views
Message 2 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

Does your letter have your account number on it ?

Is there a 'please call us so that we can assist' phone number on the letter ?

Are you positive it is from Virgin Media and not something similar.

 


*********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
BT Smart Hub 2 with 70Mbs Download,18Mbs Upload, 9.17ms Latency & 0.35ms Jitter.
0 Kudos
Reply
manafest
  • 20
  • 0
  • 0
On our wavelength
641 Views
Message 3 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

Hi Mike,

Yes both the letter and email have my account number on them.

No instructions to "call this number" just advice on how to resolve the issue. so no red flags there.

-James

0 Kudos
Reply
MikeRobbo
  • 15.27K
  • 1.17K
  • 1.94K
Alessandro Volta
633 Views
Message 4 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

Does your Router have any kind of traffic management that you can see what each device is up to ?


*********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
BT Smart Hub 2 with 70Mbs Download,18Mbs Upload, 9.17ms Latency & 0.35ms Jitter.
0 Kudos
Reply
manafest
  • 20
  • 0
  • 0
On our wavelength
620 Views
Message 5 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

Yeah it does. I don't see anything out the ordinary on there either.

0 Kudos
Reply
MikeRobbo
  • 15.27K
  • 1.17K
  • 1.94K
Alessandro Volta
604 Views
Message 6 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

Try running a deep virus scan on as many devices as you can overnight.


*********************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************************
BT Smart Hub 2 with 70Mbs Download,18Mbs Upload, 9.17ms Latency & 0.35ms Jitter.
0 Kudos
Reply
legacy1
  • 15.91K
  • 687
  • 1.56K
Alessandro Volta
600 Views
Message 7 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

What dose not help is Chrome and Edge put in windows firewall for the inbound mDNS-in and no easy way to stop them after you remove them from coming back!

---------------------------------------------------------------
0 Kudos
Reply
Roger_Gooner
  • 6.53K
  • 472
  • 1.14K
Legend
572 Views
Message 8 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

Have you configured your firewall to block port 5353? If not, do so.

--
Hub 3.0, TP-Link Archer C8, TP-Link TL-SG1008D 8-port gigabit switch, V6
My Broadband Ping - Roger's VM Broadband Connection
0 Kudos
Reply
manafest
  • 20
  • 0
  • 0
On our wavelength
520 Views
Message 9 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

I don't use Chrome or edge but thanks for your input all the same.

0 Kudos
Reply
manafest
  • 20
  • 0
  • 0
On our wavelength
518 Views
Message 10 of 10
Flag for a moderator

Re: Network Attack email & Multicast DNS letter

I haven't, why that port out of interest?

I have now added this to the blocked ports, thanks Rodger

0 Kudos
Reply