Multiple servers appear (5 to 20) on my network (in "Connect to your Roon Server" screen and they are of other people's accounts-- i can access some of them and even control them. I still have access to my own server, but i presume others can see me also. Why is this happening?
Hi man, there are other issues i posted about yesterday and today (other threads, “remote” not connecting…to Androids) but i had the SAME issue like you, but only with one strange core/rock which was named like a random internet provider i found via web. So no solution on my end, but wanted to point that out. Made me feel a bit “hacked” or something. Strange.
yeah, the scare thing is i seem to have full control of their Roon apps. So i suppose they could control my roon app also! They are not on my network, so this is very strange…and scary.
Connecting a new client to my network I was taken aback to see some remote servers available for connection. I was able to connect and engage with those libraries like they were my own local one.
This surprised me. How can I make sure my library is not broadcasting externally and that access is securely gated behind some authentication?
Images from one of the libraries I could connect to attached
82.180.XXX.XXX isn’t a reserved local IP-Address but a public one. Why does your Roon Server seem to be connected to the internet directly? This is dangerous. Also do you have a VPN configured? Maybe try disabling that and see if things change after a restart?
Similar issue reported earlier … roon remote (iOS 18.5 iPHONE/iPAD) and Roon Core /Windows 11 desktop)
(All devices on in house WiFi AND Tailscale)
noticed something very strange: after taking a looong time to search roon server, it comes up showing two windows desktop servers, one is of course mine and the second one 'MATHOMEPC ???
I checked all the devices on my WiFi as well as Tailscale and do not have anything other than my own,
anybody any clue? Is this the reason for long delay in finding the server?
Eventually it did connect to my server though …
My Roon server of course has access to the internet to access services like Tidal and pull updates etc. this is not dangerous.
There is no inbound port open that I am aware of outside of ARC that works expectedly.
My roon rocker containers routing table
# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
0.0.0.0 192.168.70.1 0.0.0.0 UG 0 0 0 eth0
192.168.70.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
This is an “inconvenience” for users seeing other servers, but if other folks can access my instance and access my local content this is way more serious than an “inconvenience” and is a material breach of security and privacy.
It displays a public address because it is seeing a remote server across the internet.
The question is why can I see and connect to a completely remote roon server across the internet and make use of it like its local!? I can literally operate Franks home like its mine, including manage zones and play audio.
I have no extension in use on my server, but Frank has the following, just in case these are related to this matter. The other servers I can see have no extensions either.
My IP is 47.181.xxx.xxx based in Los Angeles, USA.
The other servers I can connect to are according to geo-ip data lookups in the following locations.
60.255.xxx.xxx: Based in Schenzen, China.
82.180.xxx.xxx Based in Arizona, Phoenix.
I can access remote servers local file storage to some extent also.
