So a while ago I moved to a hetzner do server. I received the following email within the first week
So to me that seemed like I had a port open that needed closing. So I ran port guard and expected the problem to be fixed. However I just received the same email again so I'm now stuck and unsure how to fix the issue.On 02 Jan 05:56, [email protected]wrote:
> Dear Sir or Madam,
> the Simple Service Sitevery Protocol (SSDP) is a network protocol
> for advertisement and Sitevery of network services and presence
> information. SSDP is the basis of the Sitevery protocol of
> Universal Plug and Play (UPnP). SSDP uses port 1900/udp.
> Over the past months, systems responding to SSDP requests from
> anywhere on the Internet have been increasingly abused for DDoS
> reflection attacks against third parties.
> Affected systems on your network:
> Format: ASN | IP | Timestamp (UTC) | Ssdp server
> 24940 | 184.108.40.206 | 2019-01-01 10:22:42 | UPnP/1.0 DLNADOC/1.50 Platinum/220.127.116.11
> We would like to ask you to check this issue and take appropriate
> steps to secure the SSDP services on the affected systems or
> notify your customers accordingly.
> If you have recently solved the issue but received this notification
> again, please note the timestamp included below. You should not
> receive any further notifications with timestamps after the issue
> has been solved.
> Additional information on this notification, advice on how to fix
> reported issues and answers to frequently asked questions:
> This message is digitally signed using PGP.
> Information on the signature key is available at:
> Please note:
> This is an automatically generated message. Replies to the
> sender address <[email protected]> will NOT be read
> but silently be discarded. In case of questions, please contact
> <[email protected]> and keep the ticket number [Cloud-Report#...]
> of this message in the subject line.
> !! Please make sure to consult our HOWTOs and FAQ available at
> !! <https://reports.cert-bund.de/en/> first.
> Mit freundlichen Gren / Kind regards
> Team CERT-Bund
> Bundesamt fr Sicherheit in der Informationstechnik
> Federal Office for Information Security (BSI)
> Referat CK22 - CERT-Bund
> Godesberger Allee 185-189, 53175 Bonn, Germany