Menu
Reply
andycambs
  • 539
  • 2
  • 29
Superfast
424 Views
Message 1 of 3
Flag for a moderator

Potential Open DNS Resolver (ODNSR) vulnerability.

I'm getting an email telling me that I should check Port 53 as it is a potential issue.

However, Port 53 UDP is required in and out for Ring doorbells. To enable Live View on the iPhone whilst at home, I have to put the iPhone in the DMZ setting. This lets me see the Live View from the Ring doorbell at home, but it apparently keeps flagging up as an issue.

Two questions

1 - is this really an issue as it's only the iPhone whilst in the house

2 - is there any other way I can resolve this without keep getting hassled by mail and email that I have a problem?

0 Kudos
Reply
legacy1
  • 15.52K
  • 666
  • 1.52K
Alessandro Volta
381 Views
Message 2 of 3
Flag for a moderator

Re: Potential Open DNS Resolver (ODNSR) vulnerability.

You need a better router with 1Gb ports and use the hub in modem mode.

Ring doorbell does not need inbound port 53 it does DNS outbound along with other ports.

---------------------------------------------------------------
0 Kudos
Reply
用心棒
  • 5.67K
  • 634
  • 1.97K
Very Insightful Person
Very Insightful Person
349 Views
Message 3 of 3
Flag for a moderator

Re: Potential Open DNS Resolver (ODNSR) vulnerability.

FYI: The Protocols and Ports Used by Ring Devices; as legacy1 stated port 53 (dns) inbound access is not required.


@andycambs wrote:

Two questions

1 - is this really an issue as it's only the iPhone whilst in the house

Yes because Shadowserver, a trusted third-party reporter, Open Resolver Scanning Project saw a response to its DNS query; it is unlikely your iPhone produce the detected response.


2 - is there any other way I can resolve this without keep getting hassled by mail and email that I have a problem?


Stopping your network from reply to DNS queries will resolve the issue.

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

  Use Kudos to say thanks

  Mark as Helpful Answer if I've helped

0 Kudos
Reply