Port 8089 Being Attacked Everyday


#1

Hi,

My Firewall at home alerts me that port 8089 being attacked several times a day. (Please see attached photos)The worst case I have seen is 12 times one day last week. The best case is at least 2 to 3 times a day. I have 10 open ports forwarding to different servers or applications, but those ports are never being attacked, mainly I use very arbitrary or random or less popular ports to forward to those servers. Apparently, 8089 is a well known port, hackers scan or just randomly send attacking packets to target port 8089. I know most of you argue that my other ports would still pose risk and vulnerability. I totally agree all of the opening forwarding ports are vulnerable. The fact is that in my current setup, only port 8089 has been pounded everyday. No other open forwarding ports has been attacked for past 2 years. I urge the developers allow us to use random ports to forward for remote access. That's a right thing to do for your customer's security sake. Please consider.

Thanks for your attention.


Security Issue and Concerns
#2

There was a recent post about using a different internet-facing port ... but I can't seem to find it right now.

Edit: Found it: Remote DVR - AppleTV Buffer/Playback Issues


#3

What firewall do you use?


#4

I am using a pretty cool and affordable firewall called "Firewalla" Red version. (You can find it on Amazon or their own web site) This firewall cube is very tiny, about 1.5", but it does a lot of very amazing technical analysis of your home network; perhaps for small size office network too. This firewall is developed by a team of long-time Cisco security experts who developed and wrote millions lines of code for Cisco firewall boxes and security suites. They left Cisco few years ago and started this startup. I have been using this little red box to monitor my network security past 2 years. Before this Firewalla, I had no idea if my Windows PC had been affected by rootkit or trojans which quietly sent infectious traffic to inside and/or outside of the home network. This Firewalla not only blocks suspicious attacks like the ones have been attacking Channel DVR's 8089 port, it also notifies you via your iPhone or Android of some zombie virus in your PC/Mac or any IoT devices like your security cameras made in China are sending suspicious traffic outside of the network without your knowledge. Another nice thing about this Firewalla is that they tell you the specific port from which device, so you can then narrow down a specific application in a particular PC or infected security camera doing suspicious activity. My home network is little unusual than some of the normal home setup because I have a lot of IoT devices, security cameras, NAS's, VM's, dockers, Raspberri Pi's, containers, VMware, VLANs, port trunking, DNSmasq, HomeKit, Smartthings, Homebridge, etc. I am close to maxing out my 253 IP addresses in my subnet. And I have run into many weird issues with the Firewalla past 2 years due to my unusual home setup. So, these guys are very bright and very responsive, almost like the developers for the Channels DVR, and they went all out to troubleshoot and fix all the problems promptly (usually within a day or 2) I faced in the past. Past 8 months, the code has been very stable (no more crashes) and accurate to identify and block all the attacks and notify me about all suspicious uploading traffic. It can also block or schedule blocking for social network or porns to protect your kids. I would recommend the developers of Channels DVR to buy one of these Firewalla boxes (I hope they are reading this thread. How can I get them to see this post?) and get a sense how vulnerable to statically use port 8089 for remote access, then they can consider security of Channels DVR is no less important than those fancy features in Channels DVR. I am hoping Channels DVR can come up with a more secure solution not to expose port 8089. BTW, I signed up their new Firewalla Blue version with faster CPU and gigabit ethernet, this startup is quite honest and serious about their products, and most importantly they can deliver and continue to commit to make the code more stable like what I have been very impressed by the guys behind Channels DVR.


#5

I just ordered one.