[Freedombox-discuss] FreedomBox data leakage, firewall issues.
Sunil Mohan Adapa
sunil at medhas.org
Thu May 2 22:00:35 BST 2024
On 5/2/24 12:11, A. F. Cano wrote:
[...]
> Interesting... After turning off the Coturn app, the transmitting has
> gone to 0 but the receiving is still going strong:

I believe the traffic is still coming in assuming that the service is
still available. My guess is that the incoming traffic will subside
eventually.

> I can connect to the matrix server from my usual internal machine I use
> for the video conferencing but of course there is no one else at the
> moment to conference with, so I don't know if the lack of the
> STUN/Coturn server might or might not affect them.

STUN/TURN servers will be needed when a client participating in
audio/video conversation is behind NAT.

[...]
> This one is in Glenview, Illinois. Not sure why syncthing is connecting
> to the outside since all I wanted was to synchronize internal machines
> and the phone when on internal wifi.

Syncthing uses volunteer relays to transfer data between devices that
are behind NAT. Perhaps you are seeing traffic related to this.

[...]
> So, after stopping the Coturn app, connections seem much more
> reasonable. I would still like to know what the coturn app was sending
> where and why I keep receiving 300-400 Kbps on port 3478 and what all those
> bits are.

It might be that some adversaries are utilizing STUN servers to launch
DDOS attacks[1]. Note that this is not a FreedomBox-specific
problem and is a general issue for STUN servers.

I have created an issue to track this[2].

1) https://www.securityweek.com/organizations-warned-stun-servers-increasingly-abused-ddos-attacks/
2) https://salsa.debian.org/freedombox-team/freedombox/-/issues/2422

Thanks,
--
Sunil
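
Added example, not part of the original message and not FreedomBox or Coturn code: one way to answer "what all those bits are" is to classify each UDP payload captured on port 3478 by its STUN header (RFC 5389) and count message kinds per source address. The names `classify`, `summarize`, `stun` and `SAMPLE` are hypothetical, and the sample records use constructed payloads and documentation-range addresses; real input would come from a packet capture.

```python
import struct
from collections import Counter

MAGIC_COOKIE = 0x2112A442  # constant in every RFC 5389 STUN header
METHODS = {0x001: "Binding", 0x003: "Allocate", 0x004: "Refresh",
           0x008: "CreatePermission", 0x009: "ChannelBind"}
CLASSES = {0: "request", 1: "indication", 2: "success", 3: "error"}


def classify(payload: bytes) -> str:
    """Label one UDP payload received on port 3478."""
    # TURN ChannelData (RFC 5766): channel number 0x4000-0x7FFF, then a length.
    if len(payload) >= 4 and 0x40 <= payload[0] <= 0x7F:
        (data_len,) = struct.unpack("!H", payload[2:4])
        return "TURN ChannelData" if data_len <= len(payload) - 4 else "other"
    # STUN: 20-byte header, top two bits zero, magic cookie, aligned length.
    if len(payload) < 20 or payload[0] & 0xC0:
        return "other"
    msg_type, length, cookie = struct.unpack("!HHI", payload[:8])
    if cookie != MAGIC_COOKIE or length % 4 or length != len(payload) - 20:
        return "other"
    # Method and class bits are interleaved inside the 14-bit message type.
    method = ((msg_type & 0x000F) | ((msg_type & 0x00E0) >> 1)
              | ((msg_type & 0x3E00) >> 2))
    cls = ((msg_type & 0x0010) >> 4) | ((msg_type & 0x0100) >> 7)
    return f"{METHODS.get(method, hex(method))} {CLASSES[cls]}"


def summarize(records):
    """records: iterable of (source_ip, udp_payload); count per (ip, label)."""
    return Counter((ip, classify(payload)) for ip, payload in records)


def stun(msg_type: int, body: bytes = b"") -> bytes:
    """Build a constructed STUN message with an all-zero transaction ID."""
    return struct.pack("!HHI", msg_type, len(body), MAGIC_COOKIE) + bytes(12) + body


# Constructed sample: three Binding requests, one Allocate request, one stray packet.
SAMPLE = [("192.0.2.10", stun(0x0001))] * 3 + [
    ("198.51.100.7", stun(0x0003, bytes(8))),
    ("203.0.113.5", b"\x00garbage"),
]

if __name__ == "__main__":
    for (ip, label), count in summarize(SAMPLE).most_common():
        print(f"{ip:15} {label:20} {count}")
```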