UPNP - UDP:1900 - Want to close unused port

Status
Closed to further replies.

maf123sp

I'm running a Synology DS411+ (DSM 6.xx) just as a file server. A port scan showed me that UDP port 1900 is also open (UPnP, used for DLNA). I would like to close that port, since the disk station is not used for any media streaming and should be invisible to DLNA client requests.
So far I couldn't find any setting which allows me to close that port. How can I close this port?

Thanks for any help!

Matthias
 

Fusion

Do or did you have any media packages (Audio Station, Video Station or Media server) installed?

How did you facilitate the port scan?
 

maf123sp

No - there is no media package (photo, video, audio) installed. It was an external scan for vulnerabilities, which includes the port scan.
Matthias
 

Fusion

Is this port open within the router? If yes, close it there. Or maybe the scan was faulty.
 

maf123sp

I checked again: audio, video and photo are not installed - but they were installed.
What do you mean by "within the router"? The vulnerability scan was a professional scan - not started by me - and found some response on that port, UDP:1900. There is no special firewall rule on the DS411+.
The router was out of focus and can't be part of any solution.
Could it be that the installation of the photo, audio or video package starts the UPnP/DLNA service and a de-installation does not completely stop this feature?

Thanks a lot!

Matthias
 

TheGardner

What do you mean with the "within the router".
There is no special firewall rule on the DS411+.
The router was out of the focus and can't be part of any solution.
He just wasn't sure if your scan was checking the router ports (from outside) or especially the ports on the 411+.

So what can you do:

Since you wrote that the scan was on the 411+ ports directly, you have to be sure that there's no firewall rule (for port 1900) under settings - firewall. But you have to check this carefully - not just on your LAN card only! Just check all devices from the profile menu, and whether there are other profiles as well!
 

maf123sp

Thanks for your answer!

I've checked the firewall settings (Control Panel/ Security/ Firewall). You are right - there is (now) more than 1 profile. In one profile there was a special rule for MAC file service defined on LAN/ PPPoE. But there wasn't any setting for DLNA/ UPnP.
The underlying problem is that some large companies do not allow running such devices in their infrastructure as long as such ports are open.
 

jahlives

Just to be sure: do you have a router in front of the DS or not? If yes: is it by any chance a D-Link model? I know that a lot of D-Link consumer devices are shipped with a firmware that starts UPnP on port 1900 on the WAN interface.
 

maf123sp

Interesting idea! The scan was done in an environment managed by professional admins. So I expect that they have the knowledge to run the test correctly AND that they have the chance to compare the results. The 1900 port is blamed here explicitly - which means it is not the usual behavior in their environment.
 

jahlives

If you want to be sure that your DS does not allow UDP port 1900 communication: add some firewall rules and test it again. Basically you'll need two rules:
Code:
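# Drop incoming UDP packets addressed to port 1900 (inserted at the top of the DEFAULT_INPUT chain)
iptables -I DEFAULT_INPUT -p udp --dport 1900 -j DROP
# Drop UDP packets the DS itself sends to port 1900
iptables -I OUTPUT -p udp --dport 1900 -j DROP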
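
To find out which process is still bound to UDP 1900 on the DS (for instance a service left behind by a removed media package, as asked earlier in the thread), the following added example reads the Linux socket tables directly; it is not from any poster in this thread or from Synology. It assumes a root SSH shell with /proc, awk and readlink available; the function names and the script name are made up for illustration.

```shell
#!/bin/sh
# Added example: show what is bound to a UDP port (here 1900, SSDP/UPnP) on a Linux host.

# Print "local_addr_hex inode" for every UDP socket bound to port $1.
# $2 is the socket table to read (default /proc/net/udp; /proc/net/udp6 for IPv6).
udp_listeners() {
    port_hex=$(printf '%04X' "$1")
    awk -v p="$port_hex" '
        NR > 1 {                      # skip the header line
            n = split($2, a, ":")     # local_address is ADDR:PORT, both in hex
            if (toupper(a[n]) == p) print a[1], $10   # field 10 is the socket inode
        }' "${2:-/proc/net/udp}"
}

# Print "pid command" for each process holding the socket with inode $1.
# Needs root to see file descriptors of other users' processes.
socket_owner() {
    for fd in /proc/[0-9]*/fd/*; do
        [ "$(readlink "$fd" 2>/dev/null)" = "socket:[$1]" ] || continue
        pid=${fd#/proc/}; pid=${pid%%/*}
        echo "$pid $(cat "/proc/$pid/comm" 2>/dev/null)"
    done
}

# Report every listener on port $1 (IPv4 and IPv6) together with its owner.
report_port() {
    for table in /proc/net/udp /proc/net/udp6; do
        [ -r "$table" ] || continue
        udp_listeners "$1" "$table" | while read -r addr inode; do
            owner=$(socket_owner "$inode" | sort -u | tr '\n' ';')
            echo "$table addr=$addr inode=$inode owner: $owner"
        done
    done
}

# Run as: sh check_udp.sh 1900   (check_udp.sh is a placeholder name)
if [ "$#" -gt 0 ]; then report_port "$1"; fi
```

No output for port 1900 means nothing on the DS is bound to it, so a response seen by the scanner would have to come from another device; `iptables -S` lists whether the two DROP rules are in place.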
 