cancel
Showing results for 
Search instead for 
Did you mean: 

"Your home devices could be at risk"

benwade2010
Up to speed

Hi guys,

Hope you & your families are all in good health.

I have had 2 emails from virgin media over the past month stating that my home devices could be at risk.

Apparently it has something to do with 'Multicast DNS'. The first email was sent on the same day that I installed the 'Crunchyroll' app on my iPad. There is a feature to stream from the Ipad to other devices, however, I have disabled this but still received another email.

It is important to note that I have many TCP&UDP adjustments for PS5 NAT optimisation.

We have been with Virgin for well over 10 years and this is the first time we have received anything like this.

Would really appreciate any help, guys. Is it possible that this is some automated email that has puck up a false red flag?

*I should also mention that the Internet has been dropping out terribly over the past month, sometimes like 30 seconds off 30 seconds on then a steady few hours etc.*

Is it possible that I am getting some sort of DDOS attack? Then again, what would someone gain from a DDOS on me?

Kind regards,

Ben

1 ACCEPTED SOLUTION

Accepted Solutions

jbrennand
Very Insightful Person
Very Insightful Person
These are usually scam emails.

You connection issues are separate. Post up more details. Is it "dropping" on ethernet cable connections as well as wifi? Are there any known problems reported on - 0800 561 0061 ?

--------------------
John
--------------------

I do not work for VM. My services: HD TV on VIP (+ Sky Sports & Movies & BT sport), x3 V6 boxes (1 wired, 2 on WiFi) Hub5 in modem mode with Apple Airport Extreme Router +2 Airport Express's & TP-Link Archer C64 WAP. On Volt 350Mbps, Talk Anytime Phone, x2 Mobile SIM only iPhones.

See where this Helpful Answer was posted

8 REPLIES 8

jbrennand
Very Insightful Person
Very Insightful Person
These are usually scam emails.

You connection issues are separate. Post up more details. Is it "dropping" on ethernet cable connections as well as wifi? Are there any known problems reported on - 0800 561 0061 ?

--------------------
John
--------------------

I do not work for VM. My services: HD TV on VIP (+ Sky Sports & Movies & BT sport), x3 V6 boxes (1 wired, 2 on WiFi) Hub5 in modem mode with Apple Airport Extreme Router +2 Airport Express's & TP-Link Archer C64 WAP. On Volt 350Mbps, Talk Anytime Phone, x2 Mobile SIM only iPhones.

Hi John,

Thank you 👍 I suspected as much because I've never had one of these emails before. Strange though because there's usually some sort of 'sign in here to fix the problem' link. No dodgy URL's, no diamond miner without funds for a pickaxe, nothing.

Connection is looking good this morning.

Many thanks & kind regards,

Ben

Mods - Please mark this thread as closed, everything is fine now.

wm29
On our wavelength

Not quite................

I got an email too, but followed up with a letter with the same content as the email.

Mine stated "your home network has been identified as having a potential open NetBIOS vulnerability".

It quoted VM's IP: [MOD EDIT: REMOVED] and the date.

Although I replied to the email (it didn't bounce), I got no reply.

If these warnings are valid ones, it would help if VM elaborated more on the possible causes.

[MOD EDIT: Personal and private information has been removed from this post. Please do not post personal or private information in your public posts. Please review the Forum Guidelines]

Paulina_Z
Forum Team (Retired)
Forum Team (Retired)

Hi @wm29,

 

Thank you for getting in touch with us about this!

 

From looking a the email you have described here, it looks to be from our Internet Security team, and would not be a scam or phising attempt.

 

We would advise to follow the steps listed on the letter - if you have any issues with that or need more assistance, please let us know.

 

You can take a look here for more information about emails from our Internet Security team here.

 

We're more than happy to help.

 

Thanks! 

Paulina_Z
Forum Team

New around here? Check out the do's and don'ts, in our Community FAQs


wm29
On our wavelength

Apologies to Mod.

Didn't realise that VM's IP address would fall into the realm of personal or private info.

Sorry.

wm29
On our wavelength

I've had two more of these incidents, all at random times, and am still no further in isolating the origin of them. My home network is more complex the average and I'm at a loss as to know where to start.

My main router is a DrayTek Vigor 2927 - a dual WAN job - bought to facilitate having two broadband feeds to our home. One is Virgin Media via cable and the other is Plusnet via BT phone line. Although outages are rare here, they do happen, and usually first thing in the morning. Working from home is dependent on having a working broadband service and this seemed to be the simplest way to go. I did consider (and try) using a mobile internet service as my second feed.

WAN 1 has a VM Hub 3 in modem mode. WAN 2 has the Plusnet VDSL feed coming via a DrayTek Vigor 130. VM is the only one informing me of these incidents. Perhaps Plusnet might not be logging them and informing me.

I chose a 'non-wireless' main router as I use BT Whole Home mesh setup. I endeavour to use wired Ethernet connections where possible, but some devices are WiFi only: e.g. printers and Google Nest stuff.

I do have Fire TV sticks connected to our two TVs. These are supplied as WiFi only. I bought these https://www.amazon.co.uk/gp/product/B07W8ZQJL9/ref=ppx_yo_dt_b_asin_title_o00_s01?ie=UTF8&psc=1 to connect them to our network.

These are not 'approved' items and I am suspicious of of one them and eventually removed it as my gut feel was telling me this could be the culprit.

Time will tell. Any suggestions as to an action plan if I get another 'incident'?

 

Zak_M
Forum Team (Retired)
Forum Team (Retired)

Good afternoon @wm29 

 

Welcome back to the forums and thank you for taking the time to post. 

 

I am sorry to hear that you have had some issues with these email alerts. 

 

I have taken a look over things and can see that our internet security have sent these to you. 

 

I have emailed internet security team and asked them to advise further.  They haven't specified the device that is causing this issue, 

 

However they have let me know what is causing the issue - NetBIOS, they have provided me with this following information NetBIOS is used to share files and folders across a local network. Other applications can use NetBIOS to map a network, allowing them to send messages to destination computers. Ports commonly used by NetBIOS can be exploited to commit abuse when exposed to the wider Internet. 

 

The following link has all the information regarding NetBIOS 

 

Kind regards,

Zak_M