Menu
This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK

Virgin Media Community

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Post a question

Reply
andycambs
  • 539
  • 2
  • 29
Superfast
424 Views
Message 1 of 3
Flag for a moderator

Potential Open DNS Resolver (ODNSR) vulnerability.

on ‎24-04-2020 16:20

I'm getting an email telling me that I should check Port 53 as it is a potential issue.

However, Port 53 UDP is required in and out for Ring doorbells. To enable Live View on the iPhone whilst at home, I have to put the iPhone in the DMZ setting. This lets me see the Live View from the Ring doorbell at home, but it apparently keeps flagging up as an issue.

Two questions

1 - is this really an issue as it's only the iPhone whilst in the house

2 - is there any other way I can resolve this without keep getting hassled by mail and email that I have a problem?

0 Kudos
Reply
legacy1
  • 15.52K
  • 666
  • 1.52K
Alessandro Volta
381 Views
Message 2 of 3
Flag for a moderator

Re: Potential Open DNS Resolver (ODNSR) vulnerability.

on ‎25-04-2020 00:15

You need a better router with 1Gb ports and use the hub in modem mode.

Ring doorbell does not need inbound port 53 it does DNS outbound along with other ports.

---------------------------------------------------------------

BQM, Test for outgoing ports and SSL/L2TP VPN test

0 Kudos
Reply
用心棒
  • 5.67K
  • 634
  • 1.97K
Very Insightful Person
Very Insightful Person
349 Views
Message 3 of 3
Flag for a moderator

Re: Potential Open DNS Resolver (ODNSR) vulnerability.

on ‎25-04-2020 13:40

FYI: The Protocols and Ports Used by Ring Devices; as legacy1 stated port 53 (dns) inbound access is not required.

@andycambs wrote:

Two questions

1 - is this really an issue as it's only the iPhone whilst in the house

Yes because Shadowserver, a trusted third-party reporter, Open Resolver Scanning Project saw a response to its DNS query; it is unlikely your iPhone produce the detected response.


2 - is there any other way I can resolve this without keep getting hassled by mail and email that I have a problem?

Stopping your network from reply to DNS queries will resolve the issue.

 

As a Very Insightful Person, I'm here to share my knowledge. I don't work for Virgin Media.

Click to learn more about VIP

  Use Kudos to say thanks

  Mark as Helpful Answer if I've helped

0 Kudos
Reply

Digital life blog

News

Help videos

Help forum