Remote viewing feature causing security threat alerts

I have an instance of Channels DVR running in a Docker container on a small NAS server in my home. It accesses the internet through a Unifi Dream Machine Pro (UDM Pro). The threat management service on the UDM Pro has thrown several messages about outside IP addresses communicating to the channels DVR server port.

When I originally setup the Channels DVR, I was completely unaware that the default settings enable natpmp to create port forwards for outside traffic.

I’ve now disabled the “remote viewing” option in the DVR settings screen. I’m expecting that disables natpmp, and therefore eliminates the issue.

It seems that the remote viewing feature should be disabled by default, and should come with a big warning “this opens your dvr to the world, and the potential for malicious traffic. You will need to be vigilant about updating your dvr, to ensure you have the latest security patches”

UPnP is usually something that is enabled on your router. I disable this feature all together. So things such as Channels DVR won't work even if it's turned on.

It is disabled by default already. You have to explicitly turn it on.

The UDM is likely just complaining about random IPs scanning ports and attempting connections to the port used by the dvr. It's not a big deal, as each connection is authenticated by the dvr and only you have remote access with your own DVR user account.