Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. Reflection attack via STUN/TURN

Reflection attack via STUN/TURN

Scheduled Pinned Locked Moved Solved Support
turnfirewallsecurity
3 Posts 3 Posters 657 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R Offline
    R Offline
    romfeo
    wrote on last edited by joseph
    #1

    Hello,

    I got the following message from my host. In my knowledge, I dont use any apps that need turn. For the moment I have blocked udp port 3478 via ufw. Any ideas how could that happen?

    Platform version v7.5.2 (Ubuntu 20.04.3 LTS)

    it seems that your server was used for a reflection attack via STUN/TURN.

    PORT STATE SERVICE
    3478/udp open stun

    https://github.com/coturn/coturn/pull/1588

    Please check measures such as ACL and/or rate-limits or software which has already implemented measures to prevent abuse here.

    1 Reply Last reply
    5
    • jamesJ Offline
      jamesJ Offline
      james
      Staff
      wrote on last edited by
      #2

      Hello @romfeo and thanks for reporting.
      I will look into it.

      1 Reply Last reply
      1
      • girishG Do not disturb
        girishG Do not disturb
        girish
        Staff
        wrote on last edited by
        #3

        Thanks for reporting. I have added a rule in the firewall for outbound turn - https://git.cloudron.io/platform/box/-/commit/83d7535d84791cf27e0d1ded5fe700233947a1d9

        1 Reply Last reply
        5
        • girishG girish has marked this topic as solved on
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search