How to test if the service is responding? I’ve tested a few and can confirm that I received back system information when sending a UDP packet.
Rapid7 released their report on the 29th January 2018 but when I looked at the Ubiquiti forums, there are possible indications going back as far as 2013 of users seeing small repeated requests hitting their 10001 port (presumably to illicit an amplified response).Ī search on Shodan currently shows over 700K devices. # commit How long has this been going on? # set service ubnt-discover-server disable The extra step simply disables a secondary discovery service that runs on some UniFi devices: :~$ configure Ubnt-discover-serverControls whether the EdgeRouter is discoverable by other nearby devices. Ubnt-discoverControls whether the EdgeRouter is able to discover nearby Ubiquiti devices. This feature consists of two services and both are enabled by default: The above script is the generally accepted way but I have performed the extra step below due to the definition of the services on Ubiquiti’s website here: Once you are logged in via SSH, run the following commands: :~$ configure You’ll need to SSH in to the device as there is no option within the GUI for disabling discovery. I’ll get straight in to it for those simply here to find out how to disable the service.
Usual disclaimer: this is for guidance only and any changes you make to your system are done at your own risk. How to disable the Ubiquiti Discovery Service (10001) For those that don’t know, Ubiquiti put business-class networking firmly in the consumer price bracket.Īlas, security researchers at Rapid7 recently found evidence of Ubiquiti‘s discovery port being used as part of an amplification attack, albeit tentatively as the general consensus is criminals are testing effectiveness.Īn important note: at present () Ubiquiti haven’t address this in a firmware release so updating your devices firmware will not disable the discovery service WANside. Its with a (slightly) heavy heart I write this as I’m a fan boy of Ubiquiti‘s networking gear.
0 kommentar(er)
