- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
Re: Orbi pro sxr80 sxs80 mDNS hazard source . Benifit or risk
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Is orbipro mDNS open or closed?
will airplay benefit from mDNS on or off? Using on small home network.
this article stated:
hazard source. In many cases, the mDNS is open. This means that it also reacts to external queries (via the Internet). Cyber criminals can find these types of open services and use them for DDoS attacks. The network’s devices are then misused in order to bombard a target server with queries. Furthermore, sensitive data can be discovered via an open multicast DNS. Attackers can, in this way, read the Mac addresses of connected devices, for example, and use this information for further attacks.
Solved! Go to Solution.
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Airplay does require mDNS on your local network. Apple does name it Bonjour. Without, mDNS your Airplay is 100% inop. Your mobile or Mac wont be able to find the speaker, the display, the TV, your printer, even the Apple TV...
What Netgear has implemented is the ability to locate services on other VLAN/subnet, so on all your networks - for example to print, to use a display, a speaker, ...
Now, if you don't need any of this beyond your single VLAN and subnet, you don't have to enable the capability.
Of course, any reasonable consumer or small business router does block incoming port 5353/udp connections - on IPv4 which is NATed anyway, and on IPv6 (much more risk of having services exposed).
All Replies
- Mark as New
- Bookmark
- Subscribe
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Airplay does require mDNS on your local network. Apple does name it Bonjour. Without, mDNS your Airplay is 100% inop. Your mobile or Mac wont be able to find the speaker, the display, the TV, your printer, even the Apple TV...
What Netgear has implemented is the ability to locate services on other VLAN/subnet, so on all your networks - for example to print, to use a display, a speaker, ...
Now, if you don't need any of this beyond your single VLAN and subnet, you don't have to enable the capability.
Of course, any reasonable consumer or small business router does block incoming port 5353/udp connections - on IPv4 which is NATed anyway, and on IPv6 (much more risk of having services exposed).