NAT & uPnP configuration

jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
10 Comments First Answer 5 Likes Photogenic
✭✭

can someone advise me on the following alert, please?




Internet Security Alert


 

Internet Security check found new open ports: TCP 21086 (via UPnP by Cam Controller)

I used to be fat.
Tagged:

Best Answers

  • MarcMarc Moderator, Beta Tester Posts: 1,523
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Accepted Answer
    @jamzm, when you get your remote access sorted out, you might want to consider disabling UPNP on your router, which is what triggered this alert.  Its considered a security hole that's easy to fill in.
    Thats Daphnee, she's a good dog...
    jamzm
  • MarcMarc Moderator, Beta Tester Posts: 1,523
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Accepted Answer
    @jamzm, for most home network configurations, I would leave NAT on...
    Thats Daphnee, she's a good dog...
  • MarcMarc Moderator, Beta Tester Posts: 1,523
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Accepted Answer
    Take the exact error message and router brand and plug them into google and see what it spits out.  This might be something as simple as a certificate that's not trusted but it would be interesting to see if anyone else with your router brand has seen he same error message and how they solved it.
    Thats Daphnee, she's a good dog...

Answers

  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭

    This has reared its ugly head again.

    I used to be fat.
  • RobinRobin Administrator Posts: 2,659
    2500 Comments 100 Answers 250 Likes 100 Awesomes
    admin
    Hi @jamzm
    Have you checked if this port is being used by any application at that time under router settings?
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭

    Sorry, I did not verify in router settings. I have limited access at the moment because remote access has not been set up. I just went by what the Fing app was telling me and took what action I could. The warning seems to have reset.. Thank you

    I used to be fat.
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭

    Thank you both. I will let you know the outcome.

    Jim

    I used to be fat.
    RobinMarc
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭

    After successful access, I'm able to see some settings. uPnP is not one of them. And it appears that all i'm able to do is change credentials or reboot the router. I did close ports via fing last night and have not gotten the warning since. The only thing that concerns me is that my camera system is made in China and I do not trust that my system is configured to repel unauthorized entry. I'm using mcafee total protection w/VPN as well as fing, so I feel fairly secure. Thoughts?

    I used to be fat.
  • MarcMarc Moderator, Beta Tester Posts: 1,523
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    My guess is if the camera is cloud based and can be managed and viewed remotely, that's probably what you were seeing.  That or perhaps the camera was looking for a regular scheduled firmware/software update.  You could try googling the camera model and port and see if others have seen the same behavior.
    Thats Daphnee, she's a good dog...
    jamzm
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    The system has a cloud based subscription feature which i do not use.  I  do access the controller via web. What concerns me is that the company i bought the system from can also access the system.  I do not know if they use the Danale app which is what i use or another undisclosed application which allows them to support customers and who knows what else,. but at one point there were over 300 ports opened.  So i disconnected the controller from the web for a long time because of this concern and reconnected it after buying the new router and subscribing to McAfee.  I was pleased to see that i wasn't exposed by 300 open ports until I got that warning.  As i mentioned, i disconnected the port at the cam controller via Fing and so far it's okay, but i have no way of verifying this at the router while at a remote location. 
    I used to be fat.
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    Is Daphne a puppy?
    I used to be fat.
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    I was able to change from manual to dhcp dns.  I'm wondering if that made the difference.
    I used to be fat.
  • MarcMarc Moderator, Beta Tester Posts: 1,523
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Thats Daphnee, she's a good dog...
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    dns, ip, idk
    Give her a pat on the head for me.  My 12 year old labradoodle is on his way out with tumors in his right lung.   :/
    I used to be fat.
  • MarcMarc Moderator, Beta Tester Posts: 1,523
    100 Answers 1000 Comments 500 Likes 100 Awesomes
    ✭✭✭✭✭✭
    Ah man, so sorry to hear that @jamzm
    Thats Daphnee, she's a good dog...
  • Jonah6882Jonah6882 Member Posts: 1
    Name Dropper First Comment
    Robin said:
    Hi @jamzm
    Have you checked if this port is being used by any application at that time under router settings?
    My FING reports the following:-

    Premiumnetwork
    Port forwarding is enabled in gateway via UPnP
    Premiumnetwork
    Port forwarding is enabled in gateway via NAT-PMP
    How would I do this check on my iMac?

    Jonah8268
  • RobinRobin Administrator Posts: 2,659
    2500 Comments 100 Answers 250 Likes 100 Awesomes
    admin
    Jonah6882 said:
    How would I do this check on my iMac?

    Jonah8268
    You need to use Fing desktop for your iMac but this feature will require premium subscription. Have you subscribed to premium membership?
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
    jamzm
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    I have successfully disabled uPnP on my router.  Now, I only get a handful of opened ports.  Do I also need to disable NAT ?
    I used to be fat.
  • RobinRobin Administrator Posts: 2,659
    2500 Comments 100 Answers 250 Likes 100 Awesomes
    admin
    jamzm said:
    I have successfully disabled uPnP on my router.  Now, I only get a handful of opened ports.  Do I also need to disable NAT ?
    That's personal preference but leaving it enabled won't have any effect. 
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides("Helping Hand"). HAPPY POSTING!!!
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    Here's one for ya....How do I get my WX laptop to send correct credentials so that I can log into my router on wifi.  When I go to log in, It says that the connection is unsafe because my client is not sending the correct credentials even though I'm using the correct user & pw.  
    I used to be fat.
  • jamzmjamzm Pittsburgh, PA, USAMember Posts: 99
    10 Comments First Answer 5 Likes Photogenic
    ✭✭
    I'll do that
    I used to be fat.
Sign In or Register to comment.