Pesky unknown renderers

For help and support with Universal Media Server
Forum rules
Please make sure you follow the Problem Reporting Guidelines before posting if you want a reply
Post Reply
kosh
Posts: 3
Joined: Fri Jan 18, 2019 7:10 am

Pesky unknown renderers

Post by kosh »

Using UMP 7.8.0
Windows 7x64
Forcing Network adaptor = on
Forcing LAN ip 192.168.1.***
Forcing port ****
Enable External network = OFF

Streaming works, i'm only using it on for lan atm, but i am getting really shady pesky renderer connections popping up under STATUS.
I've blocked every ip in my NAT afterwards, but i don't get why this is happening, im guessing portscans?
Or is UMP non secure? A fast google search about the ip adressses shows reports for hack/portscans etc.

Is UMP not supposed to only find renderes on my LAN...this is WAN adresses!


https://anonfile.com/y2I5R2q1b4 Screenshot
Last edited by kosh on Fri Jan 18, 2019 8:52 am, edited 1 time in total.
Nadahar
Posts: 1990
Joined: Tue Jun 09, 2015 5:57 pm

Re: Pesky unknown renderers

Post by Nadahar »

What you're saying doesn't make much sense. UMS isn't "secure" in any way, it doesn't control access (except for the primitive IP filter and "code" functionality). You should make sure that WAN addresses can't reach UMS, for example by using NAT. There is no need to do any portforwarding to use UMS, and you should not do so.

The discovery protocol (SSDP) used by UPnP/DLNA and thus UMS doesn't implement any kind of authentication or other "security" feature, but it requires multicast to work. Internet routers don't forward multicast packets, so UMS shouldn't be discoverable outside your LAN even if you have no firewall or NAT in your router. Neither does it support IPv6, which would have made all this much more tricky.

So, to sum it up: I very much doubt that UMS "finds" devices from your WAN. If it does, it's because multicast routing somehow has been configured both on your router and on the remote location, in a way that lets them exchange multicast packets. This simply doesn't happen by accident, so unless you have specifically done so we can exclude that as a possibility.

Whatever the source is of the "unknown renderers" you see, they doesn't come from the Internet. Chances that a bug in UMS shows stuff that's not actually there, or that your LAN has devices you're not aware of, are much greater.

You'd need to post debug files and give a precise description of your network topology for anyone to be able to help you figure it out.
kosh
Posts: 3
Joined: Fri Jan 18, 2019 7:10 am

Re: Pesky unknown renderers

Post by kosh »

Ty for your answer, im kinda novice to this but trying to figure out what's happening and why!

I assumed UMP controlled LAN/WAN request hence the "Enable external network" is disabled so you can't reach it outside of you lan?!...
Is this not enough to control Lan/Wan acces towards the UMP software?

Using ipv4 and not ipv6.
I've got a software NAT (KIS2019) wich includes a firewall, the UMP server is on a 5 GHz WIFI connection under 192.168.1.131 (binded LAN ip in my router) (behind a Asus-RT-AC68 Router), running Merlin Firmware 384.8_2. (Firewall enabled in the Asus aswell).

Wan settings for my firewall in asus router i've only opened port 9001 and port 5001 (tcp/udp) towards the UMP machine, cause i sometimes streams outside of LAN. (port forwarding)

192.168.1.131 = UMP server
255.255.255.0 = Subnet mask
192.168.1.1 = Default Gateaway (Asus router)

This machine UMP is running on is also running a VPN connection, but that is only for WAN side (for other services), might this interfere somehow?

I've changed UMP settings to only scan for android/vlc/windows media player and my samsung TV under renderers, il see if this makes a difference.

I will keep a look out if theese renders show up under status again, and i will open up the full debug log and have a look and link/upload it here...
Any log level you reccomend or is debug enough?

Im pretty sure the devices aint any devices on my LAN/home, ive gone through them all.

Thanx in advance!
kosh
Posts: 3
Joined: Fri Jan 18, 2019 7:10 am

Re: Pesky unknown renderers

Post by kosh »

Got the option to deny UMP all other networks except LAN in my soft NAT...

Deny Trusted and Public network annd only allow Local network, but would that not stop the autoupdate scan and disable streaming for Wan...

https://anonfile.com/F8cdSfqab2 Screenshot
Post Reply