What's new
PGBlitz.com

Register Now! Find useful tips, Interact /w Community Members and join the part the Best Community on the Internet!

Discussion Hetzner security warning

CyborgPirate

Respected Member
So a while ago I moved to a hetzner do server. I received the following email within the first week
On 02 Jan 05:56, [email protected]wrote:
> Dear Sir or Madam,
>
> the Simple Service Sitevery Protocol (SSDP) is a network protocol
> for advertisement and Sitevery of network services and presence
> information. SSDP is the basis of the Sitevery protocol of
> Universal Plug and Play (UPnP). SSDP uses port 1900/udp.
>
> Over the past months, systems responding to SSDP requests from
> anywhere on the Internet have been increasingly abused for DDoS
> reflection attacks against third parties.
>
> Affected systems on your network:
>
> Format: ASN | IP | Timestamp (UTC) | Ssdp server
> 24940 | 148.251.88.136 | 2019-01-01 10:22:42 | UPnP/1.0 DLNADOC/1.50 Platinum/1.0.5.13
>
> We would like to ask you to check this issue and take appropriate
> steps to secure the SSDP services on the affected systems or
> notify your customers accordingly.
>
> If you have recently solved the issue but received this notification
> again, please note the timestamp included below. You should not
> receive any further notifications with timestamps after the issue
> has been solved.
>
> Additional information on this notification, advice on how to fix
> reported issues and answers to frequently asked questions:
> <https://reports.cert-bund.de/en/>
>
> This message is digitally signed using PGP.
> Information on the signature key is available at:
> <https://reports.cert-bund.de/en/digital-signature>
>
> Please note:
> This is an automatically generated message. Replies to the
> sender address <[email protected]> will NOT be read
> but silently be discarded. In case of questions, please contact
> <[email protected]> and keep the ticket number [Cloud-Report#...]
> of this message in the subject line.
>
> !! Please make sure to consult our HOWTOs and FAQ available at
> !! <https://reports.cert-bund.de/en/> first.
>
>
>
> Mit freundlichen Gren / Kind regards
> Team CERT-Bund
>
> Bundesamt fr Sicherheit in der Informationstechnik
> Federal Office for Information Security (BSI)
> Referat CK22 - CERT-Bund
> Godesberger Allee 185-189, 53175 Bonn, Germany
So to me that seemed like I had a port open that needed closing. So I ran port guard and expected the problem to be fixed. However I just received the same email again so I'm now stuck and unsure how to fix the issue.

Any ideas?
 

SirTranceALoT

Legendary Member
Staff
I get these all the time. Don't worry about it. It is the anti-DDOs system kicking in and telling you about it. If your server didn't hang or die, all is good.
 

Create an account or login to comment

You must be a member in order to leave a comment

Create account

Create an account on our community. It's easy!

Log in

Already have an account? Log in here.


Development Donations

 

Top NZB NewsGroups!

Members - Up To a 58% Discount!

Trending

Online statistics

Members online
5
Guests online
116
Total visitors
121
Top