How can I disable ARC? I only use it at home and don't want this ability to access from outside it!

6regor · September 24, 2022, 4:27pm

Roon Core Machine

Networking Gear & Setup Details

Connected Audio Devices

Number of Tracks in Library

Description of Issue

Jim_F · September 24, 2022, 4:43pm

Don’t install the Roon ARC app on your phone. Don’t do port forwarding. If Roon did the port forwarding, go into your router and delete it. You can also go to Roon - Settings - Roon ARC and press the down arrow. Replace the port number (maybe 55000 or 55002, etc) with 0.

6regor · September 25, 2022, 10:15pm

Thanks, I’ve taken those steps, specifically setting port to 0, that has solved this problem and the interrupts I kept getting in the Roon Stream.

Jim_F · September 25, 2022, 10:27pm

I’m not sure that totally removes any potential risk due to having a port open. I would delete that also.

Michael_Harris · September 25, 2022, 10:34pm

Jim Port 0 cannot be used so that is a safe solution and stops any kind on UPNP then being used.
So that should all be good and the system will never be reached from the outside.

Jim_F · September 25, 2022, 10:36pm

So nothing can get in via a pinhole in port 55000 or 55002, etc. Thanks.

Michael_Harris · September 25, 2022, 10:43pm

Yes I think the suggestion came from Danny last week.

If you set it to listen on Port 0 nothing happens as port 1 is the first usable port, and in most systems it’s really 1025 as the first 1024 ports are reserved for system level use and require root access.
Taking me too far back into my network programming days now and it is all a haze

Jim_F · September 25, 2022, 10:46pm

I’m just wondering about the manual pinholes people put in their router for port 55000. As you can tell, I know less than zero about this.

Michael_Harris · September 26, 2022, 7:25am

If you create a pin hole or allow UPNP to create an pin hole for you, then there is always a limited scope for attack but only on that one TCP port (unlike people who have used the DMZ option which for most part puts your whole Core on the internet for people to attack).

Danny has said that Roon have taken precautions and we have to go with that until someone comes up with solid evidence to the contrary.

Often hackers attack a protocol and try to crash it by throwing bad data at it, this is usually the start of a vulnerability that can be exploited. We have not seen anything like this with Roon ARC to this point, and when we do it might be time to turn it off, so far I am having too much enjoyment listening to music out of the house

system · September 27, 2022, 7:26pm

This topic was automatically closed 36 hours after the last reply. New replies are no longer allowed.