On 5/2/24 12:11, A. F. Cano wrote: [...]
Interesting... After turning off the Coturn app, the transmitting has gone to 0 but the receiving is still going strong:
I believe the traffic is still coming in assuming that the service is still available. My guess is that the incoming traffic will subside eventually.
I can connect to the matrix server from my usual internal machine I use for the video conferencing but of course there is no one slse at the moment to conference with, so I don't know if the lack of the STUN/Coturn server might or might not affect them.
STUN/TURN servers will be needed when a client participating in audio/video conversation is behind NAT.
[...]
This one is in Glenview, Illinois. Not sure why syncthing is connecting to the outside since all I wanted was to sychronize internal machines and the phone when on internal wifi.
Syncthing uses volunteer relays to transfer data between devices that are behind NAT. Perhaps you are seeing traffic related to this.
[...]
So, after stopping the Coturn app, connections seem much more reaaonable. I would still like to know what the coturn app was sending where and why I keep receiving 300-400 Kbps on port 3478 and what all those bits are.
I might be that some adversaries are utilizing STUN servers to launch DDOS attacks[1]. Note that this is not this is not a FreedomBox specific problem and a general issue for STUN servers.
I have created an issue to track this[2].1) https://www.securityweek.com/organizations-warned-stun-servers-increasingly-abused-ddos-attacks/
2) https://salsa.debian.org/freedombox-team/freedombox/-/issues/2422 Thanks, -- Sunil
OpenPGP_0x36C361440C9BC971.asc
Description: OpenPGP public key
OpenPGP_signature.asc
Description: OpenPGP digital signature
_______________________________________________ Freedombox-discuss mailing list [email protected] https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/freedombox-discuss
