
Orbipro1
Aspirant
Aug 14, 2022
Solved

Orbi Pro SXR80 SXS80 mDNS hazard source. Benefit or risk

Is Orbi Pro mDNS open or closed?

Will AirPlay benefit from mDNS on or off? Using on small home network.

This article stated:

Hazard source. In many cases, the mDNS is open. This means that it also reacts to external queries (via the Internet). Cyber criminals can find these types of open services and use them for DDoS attacks. The network’s devices are then misused in order to bombard a target server with queries. Furthermore, sensitive data can be discovered via an open multicast DNS. Attackers can, in this way, read the MAC addresses of connected devices, for example, and use this information for further attacks.


  • schumaku
    Guru - Experienced User

    AirPlay does require mDNS on your local network. Apple does name it Bonjour. Without mDNS, your AirPlay is 100% inop. Your mobile or Mac won't be able to find the speaker, the display, the TV, your printer, even the Apple TV...

     

    What Netgear has implemented is the ability to locate services on other VLAN/subnet, so on all your networks - for example to print, to use a display, a speaker, ...

     

    Now, if you don't need any of this beyond your single VLAN and subnet, you don't have to enable the capability.

     

    Of course, any reasonable consumer or small business router does block incoming port 5353/udp connections - on IPv4 which is NATed anyway, and on IPv6 (much more risk of having services exposed).
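
One way to verify the "open or closed" question for your own connection, as an added example that is not part of the original posts or any NETGEAR code: from a host outside your network, send a single unicast DNS-SD enumeration query to your own WAN IPv4 address (or a device's global IPv6 address) on 5353/udp and see whether anything answers. The function names are hypothetical; the query name is the standard DNS-SD service enumeration name from RFC 6763.

```python
import socket
import struct
import sys

MDNS_PORT = 5353  # the port named in the reply above
SERVICE_ENUM = "_services._dns-sd._udp.local"  # DNS-SD service enumeration (RFC 6763)


def build_query(name=SERVICE_ENUM, txid=0x1234):
    """Build a one-question DNS PTR query, the wire format mDNS uses."""
    header = struct.pack("!HHHHHH", txid, 0, 1, 0, 0, 0)  # QDCOUNT=1, rest zero
    qname = b"".join(
        bytes([len(label)]) + label.encode("ascii") for label in name.split(".")
    ) + b"\x00"
    return header + qname + struct.pack("!HH", 12, 1)  # QTYPE=PTR, QCLASS=IN


def is_mdns_response(data):
    """True if data is a DNS response (QR bit set) carrying at least one answer."""
    if len(data) < 12:
        return False
    _, flags, _, ancount, _, _ = struct.unpack("!HHHHHH", data[:12])
    return bool(flags & 0x8000) and ancount > 0


def answers_unicast_mdns(host, timeout=3.0):
    """Send one unicast query to host:5353/udp; True means a responder is exposed."""
    family = socket.AF_INET6 if ":" in host else socket.AF_INET
    with socket.socket(family, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_query(), (host, MDNS_PORT))
        try:
            data, _ = sock.recvfrom(4096)
        except (socket.timeout, ConnectionError):
            return False  # filtered, closed, or nothing listening
    return is_mdns_response(data)


if __name__ == "__main__" and len(sys.argv) > 1:
    # Assumption: argv[1] is your own public address, tested from outside the LAN.
    exposed = answers_unicast_mdns(sys.argv[1])
    print("5353/udp answers from outside" if exposed else "no mDNS answer")
```

A timeout is the expected result behind a router that blocks inbound 5353/udp; repeat the test against a device's global IPv6 address, since NAT does not shield those.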
