Why does my Fingbox send data to Amazon?

nozeronozero Member Posts: 2
10 Comments Name Dropper First Anniversary Photogenic

According to Firewalla blue.

Thanks

Best Answer

  • MarcMarc Moderator, Beta Tester Posts: 2,306
    100 Answers 1000 Comments 500 Likes 250 Awesomes
    ✭✭✭✭✭✭
    Accepted Answer
    @nozero, Fing's infrastructure is hosted on Amazon's AWS servers, which is probably why you're seeing this.  This would mean telemetry etc coming  from your Fingbox would end up at an Amazon datacenter.  
    Thats Daphnee, she's a good dog...
    Ciarannozero

Answers

  • nozeronozero Member Posts: 2
    10 Comments Name Dropper First Anniversary Photogenic

    Having, at one time, had an AWS account of my own, I wondered if that was the case. Thanks for the confirmation.

    FWIW, the Fingbox went offline when I blocked it from the IP address range 34.240.0.0/13 with a rule and came back online when I paused the rule.

  • Tspixn658Tspixn658 Member Posts: 2
    First Comment Photogenic
    From my knowledge, Fing is built on AWS (web applications, API's, etc) which would likely be the reason you see traffic being sent to an IP resolving to AWS. Fing is located in Ireland so it is a good assumption that this endpoint hosted on AWS in the EU-WEST-1 (Dublin) region is owned by Fing. There are more details below.

    IP 34.247.154.81

    These tools are fairly old but still accurate most of the time for determining if an IP address is owned by AWS and the endpoint it resolves to. Keep in mind, these tools will never be 100% accurate and an IP will not necessarily always resolve to the same endpoint, hostname, etc. 
    Prefix: 34.240.0.0/13
    Region: eu-west-1 (DUBLIN)
    Service: AMAZON EC2<br>
    ec2-34-247-154-81.eu-west-1.compute.amazonaws.com
    Results from https://dnschecker.org/ip-to-hostname.php?query=34.247.154.81IP: 34.247.154.81
    Hostname: 

    Port 4443


    In this case, Fing specifically lists port 4443 as a utilized port. The data is most likely telemetry, logs, heartbeat, etc.:

    Due to the distributed and resilient design of Fing services, we recommend giving Fing app and Fingbox access to the full Internet. If you want to limit outbound connections and still ensure minimum functionality, make sure to allow Fingbox to reach any IP address on the following TCP ports: 80, 443, 4443, 5671.

    In addition, the ports needed for the Internet Speed Test, provided by M-Lab include 3001, 3002, 3003.

    https://help.fing.com/knowledge-base/firewall-compatibility/ 

    The outbound traffic is from a service (probably an API) operating on TCP port 4443 which is commonly used as an alias or replacement for 443. The "Pharos" service listed by Firewalla is from the IANA registry which is used as a general reference (https://www.iana.org/assignments/service-names-port-numbers/service-names-port-numbers.xhtml?search=4443).







Sign In or Register to comment.