Cloudron makes it easy to run web apps like WordPress, Nextcloud, GitLab on your server. Find out more or install now.


Skip to content
  • Categories
  • Recent
  • Tags
  • Popular
  • Bookmarks
  • Search
Skins
  • Light
  • Brite
  • Cerulean
  • Cosmo
  • Flatly
  • Journal
  • Litera
  • Lumen
  • Lux
  • Materia
  • Minty
  • Morph
  • Pulse
  • Sandstone
  • Simplex
  • Sketchy
  • Spacelab
  • United
  • Yeti
  • Zephyr
  • Dark
  • Cyborg
  • Darkly
  • Quartz
  • Slate
  • Solar
  • Superhero
  • Vapor
  • Default (No Skin)
  • No Skin
Collapse
Brand Logo

Cloudron Forum
Apps - Status | Demo | Docs | Install
  1. Cloudron Forum
  2. Support
  3. Reflection attack via STUN/TURN

Reflection attack via STUN/TURN

Scheduled Pinned Locked Moved Solved Support
turnfirewallsecurity
3 Posts 3 Posters 870 Views 3 Watching
  • Oldest to Newest
  • Newest to Oldest
  • Most Votes
Reply
  • Reply as topic
Log in to reply
This topic has been deleted. Only users with topic management privileges can see it.
  • R Offline
    R Offline
    romfeo
    wrote on last edited by joseph
    #1

    Hello,

    I got the following message from my host. In my knowledge, I dont use any apps that need turn. For the moment I have blocked udp port 3478 via ufw. Any ideas how could that happen?

    Platform version v7.5.2 (Ubuntu 20.04.3 LTS)

    it seems that your server was used for a reflection attack via STUN/TURN.

    PORT STATE SERVICE
    3478/udp open stun

    https://github.com/coturn/coturn/pull/1588

    Please check measures such as ACL and/or rate-limits or software which has already implemented measures to prevent abuse here.

    1 Reply Last reply
    5
    • jamesJ Offline
      jamesJ Offline
      james
      Staff
      wrote on last edited by
      #2

      Hello @romfeo and thanks for reporting.
      I will look into it.

      1 Reply Last reply
      1
      • girishG Offline
        girishG Offline
        girish
        Staff
        wrote on last edited by
        #3

        Thanks for reporting. I have added a rule in the firewall for outbound turn - https://git.cloudron.io/platform/box/-/commit/83d7535d84791cf27e0d1ded5fe700233947a1d9

        1 Reply Last reply
        5
        • girishG girish has marked this topic as solved on

        Hello! It looks like you're interested in this conversation, but you don't have an account yet.

        Getting fed up of having to scroll through the same posts each visit? When you register for an account, you'll always come back to exactly where you were before, and choose to be notified of new replies (either via email, or push notification). You'll also be able to save bookmarks and upvote posts to show your appreciation to other community members.

        With your input, this post could be even better 💗

        Register Login
        Reply
        • Reply as topic
        Log in to reply
        • Oldest to Newest
        • Newest to Oldest
        • Most Votes

        • Login
        • Don't have an account? Register
        • Login or register to search.
        • First post
          Last post
        0
        • Categories
        • Recent
        • Tags
        • Popular
        • Bookmarks
        • Search