So.
My firewall is picking up threats. so my question is
what is this trafic ?
Threat Management Alert 3: Unknown Traffic. Signature ET USER_AGENTS Node XMLHTTP User-Agent. From: 192.168.X.X:36115, to: 142.93.107.218:80, protocol: TCP 19:13 04/29/2020
Threat Management Alert 3: Unknown Traffic. Signature ET USER_AGENTS Node XMLHTTP User-Agent. From: 192.168.X.X:36116, to: 142.93.107.218:80, protocol: TCP 19:13 04/29/2020
Threat Management Alert 3: Unknown Traffic. Signature ET USER_AGENTS Node XMLHTTP User-Agent. From: 192.168.X.X:36118, to: 142.93.107.218:80, protocol: TCP 19:13 04/29/2020
Threat Management Alert 3: Unknown Traffic. Signature ET USER_AGENTS Node XMLHTTP User-Agent. From: 192.168.X.X:36119, to: 142.93.107.218:80, protocol:
who is 142.93.107.218 ?
when accessing it i get
Cannot GET /
This is Volumio quering your network for UPNP\DLNA servers
but why does it want to go to that IP ?
This is probably Volumio trying to search for automatic update info. Is there a way to turn this function off and only rely on manual update search?
Panos70
December 16, 2020, 7:53am
5
Well, if this is not a radio station or a volumio server something stings…
IP Location
Germany Germany Frankfurt Am Main Digitalocean Llc
ASN
Germany AS14061 DIGITALOCEAN-ASN, US (registered Sep 25, 2012)
Whois Server
whois.arin.net
IP Address
142.93.107.218
I’m pretty sure it is an updating function for Volumio so the OS can check if there are new updates and flag the user for that. That is the function I would like to turn off.
dvo
December 18, 2020, 8:00am
7
volumio
December 18, 2020, 11:29am
8
Yep, this is a call made by Volumio to check if there are updates available. This is done in preparation to the new push updates function that we are working on.
The infos sent are: hardware, software version (and we don’t log requests)
Good to get it confirmed. Thank you.
Is it possible to turn it off?
dvo
December 18, 2020, 2:45pm
10
i don’t think so… better make a rule in your firewall to ignore it
Understood. Just don’t like to leave paths open. Better to turn off if possible.