[slim] UPnP/DLNA Media Interface 1.0 must listen to port 1900 with Ocean Digital WR-230S.

Mon, 02 Sep 2019 11:34:10 -0700 


My Squeezebox Boom displays are dying.
In my quest for a replacement I'm experimenting with an Ocean Digital
WR-230S.  If I make substantial progress, I'll start a thread on that.

For the moment, I'm just trying to get it to talk to LMS at all. And,
sadly, that means UPnP.

The Ocean Digital WR-230S has a very rudimentary UPnP/DLNA
implementation. It's not possible to use it as a Renderer.

Pretty much the only thing it does is send out an M-SEARCH from Port
1900 to discover any UPnP/DLNA servers.

When running Andy Grundman's UPnP/DLNA Media Interface 1.0, that
M-SEARCH is ignored.

Starting at line 188 of Discovery.pl we see:


Code:
--------------------
    
  # DLNA 7.2.3.5, ignore M-SEARCH with source port 1900 or <1024
  if ($port == 1900 || $port <= 1024) {
  $log->warn( "Ignoring illegal M-SEARCH request from $iaddr:$port (port must 
not be 1900 or <=1024)" );
  return;
  
--------------------


Looking at the relevant protocol document (which I found at
http://docshare04.docshare.tips/files/11856/118566774.pdf#page=34&zoom=100,0,450)
in section 7.2.3.5 we see:

Comment: These guidelines are based on a Microsoft technical advisory
regarding
security concerns for UPnP.

Requirement [7.2.3.5]: UPnP devices may ignore M-SEARCH messages if the
originating
source port is less than or equal to 1024 or equal to 1900.

Oddly enough, feeding the above into google I got a pointer to a
Microsoft security document at:
https://docs.microsoft.com/en-us/windows-server/security/windows-services/security-guidelines-for-disabling-system-services-in-windows-server

Reading the stuff that mentioned uPnP, I get the "Microsoft Windows
recommendation that it's ok to turn off that sort of discovery."

I think that the UPnP server support on LMS needs to NOT ignore M-SEARCH
coming in from that port, if all uPnP client devices are to be
supported.

I suspect that, if one is experiencing a DOS attack from a flood of
M-SEARCH  requests, you need a control bit to toggle it off.


------------------------------------------------------------------------
wcattey's Profile: http://forums.slimdevices.com/member.php?userid=7506
View this thread: http://forums.slimdevices.com/showthread.php?t=110925

_______________________________________________
discuss mailing list
[email protected]
http://lists.slimdevices.com/mailman/listinfo/discuss

Reply via email to