Plex media servers actively scanned and used to amplify DDoS attacks
illrigger
To be clear, this isn't a Plex problem, it's a router problem. No router should be exposing UPnP to the WAN side, which is what is being exploited here.
You can detect whether it is or not on your system by visiting Bad UPnP/SSDP - Check for WAN UPnP listening (benjojo.co.uk)
You should do so even if you aren't running Plex, since you can be exploited by many services outside it. If it shows you are vulnerable, your best option is to turn off UPnP in your router.
Reddoguk
Well, it seems I'm not listening on UPnP WAN.
0blivious
Thanks for the verification link!
"All good! It looks like you are not listening on UPnP on WAN"
I was expecting it to tell me that it could fly a 747 through all the security holes. Apparently not, which is nice as I'm fairly clueless in this regard. (*back to watching PLEX...)
386SX
@0blivious for your 747 feeling there is this test:
https://www.heise.de/security/dienste/portscan/test/go.shtml?scanart=1
Page is in German.
Komplettcheck option tests all.
The checkmark has to be set so you are allowed to scan your WAN IP.
After selecting your desired options click on TEST STARTEN button.
Then fly ... 😉
Edit: TR-69 is for cable modems or routers.
insp1re2600
Can also use the old GRC shields up
https://www.grc.com/default.htm
Cybermarc
LOL. Plex has released a new version to prevent DDOS attacks, what a joke. Check the release notes Version 1.21.3.4014
StSimm1 (Plex Employee), 3d
Plex Media Server 1.21.3.4015 is now available to Plex Pass users in the Beta update channel.
Plex Media Server 1.21.3.4014 is now available to everyone.
FIXES:
(Security) Mitigate against potential DDoS amplification by only responding to UDP requests from LAN
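
The release note quoted above describes answering UDP requests only when they come from the LAN. A sketch of that kind of source-address filter, as an added example that is not Plex's code; the request and reply bytes, port 50000 and the function names are constructed for illustration:

```python
import ipaddress
import socket

# Constructed probe and reply for illustration; not a real Plex or SSDP payload.
REQUEST = b"DISCOVER"
REPLY = b"OK name=example-media-server version=0.0 " + b"x" * 200

LAN_NETS = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",   # RFC 1918 private
    "169.254.0.0/16", "127.0.0.0/8",                   # link-local, loopback
    "fc00::/7", "fe80::/10", "::1/128",                # IPv6 ULA, link-local, loopback
)]

def is_lan_source(host):
    """Return True when a datagram's source address is a local-network address."""
    try:
        ip = ipaddress.ip_address(host.split("%", 1)[0])  # drop IPv6 zone id
    except ValueError:
        return False
    # A dual-stack socket reports IPv4 peers as ::ffff:a.b.c.d; judge the IPv4 part.
    if ip.version == 6 and ip.ipv4_mapped is not None:
        ip = ip.ipv4_mapped
    return any(ip.version == net.version and ip in net for net in LAN_NETS)

def handle_datagram(data, addr):
    """Return the reply to send, or None to stay silent."""
    if data != REQUEST:
        return None
    if not is_lan_source(addr[0]):
        return None  # no reply means nothing to reflect or amplify
    return REPLY

def amplification_factor():
    """Bytes sent per byte received if the service answered every sender."""
    return len(REPLY) / len(REQUEST)

def serve(port=50000):  # hypothetical port
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(("0.0.0.0", port))
    while True:
        data, addr = sock.recvfrom(2048)
        reply = handle_datagram(data, addr)
        if reply is not None:
            sock.sendto(reply, addr)

if __name__ == "__main__":
    serve()
```

A UDP source address can be forged, so a filter like this still depends on the router dropping WAN packets that claim a LAN source address.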
suty455
Always use this site every few days. Lots of folks claim he is a fraud, but his tool is simple to use and works, and he was alerting the public to the dangers of UPnP many, many years ago.
https://www.grc.com/x/ne.dll?rh1dkyd2
kakiharaFRS
Thanks for the news, totally missed that.