Nucleus Plus Security Issues

Does anyone know if Roon is offering antivirus/internet security software specifically for the Nucleus? I keep getting alerts from Comcast Xfinity saying they have blocked “known malicious IP” from multiple IP addresses trying to connect to my Nucleus Plus. It’s specific to Nucleus and I have zero problems with any other devices on my home network.

The Firewall is frequently (Normally?) built into your router and rules would be provided to allow Roon a path through the firewall.
As far as I know there’s no A/V provision for the Nucleus & it hasn’t any web browsing or email facilities.

See posts in;-

The only port open to the internet, assuming there was no prior misconfiguration done by the user, is the one for Roon ARC. You can disable the automatic port forwarding on your router if possible and active (uPnP and/or NAT-PMP). You can also disable Roon ARC making use of automatic port forwarding if you want to:

Update:

Alternatively and if you want to use Roon ARC.

Ask them them about the meaning/how to interpret the message they sent to you. Ask them about what to do or how you can disable the messages.

1 Like

A hacker/crook/foreign bad guys don’t require a web browser or email address to attack a server or service. All they need is an IP address. Furthermore, I have a Roon App on my iPad and PC that “act like” browsers. A browser is just an HTML app. I need to solve this “IP reputation” problem where pings are bouncing around eastern Europe and then trying to get into my Nucleus. I have no clue how they found it. Its a relatively new installation.

I’m with you. This is a problem that has surfaced numerous times in the last month (new install for me as well) and doesn’t affect any other devices on my home network. Hoping these are just growing pains and Roon will address this since we are clearly not the only ones with this issue.

The pain emanates from messages/information you get from somewhere, informing you that something blocked access from certain IP-addresses and possibly containing a reason for blocking that represents a wild guess sort of. Messages who’s content you don’t seems to fully understand.

Neither of you deemed to share those exact messages so the community here might be able to help you understand. Both of you contacted Roon support instead of the support for the product/service sending you those messages. Please contact the support for your security products/services to find out how to disable those messages if they bother you.

Simplified and from a security standpoint, messages informing you that something got blocked can safely be ignored. Cases that you should be concerned about are those where access is not blocked and an attacker manages to compromise your systems. Unfortunately, it is in the nature of things that in exactly these cases you will not receive any notifications because the access was not recognized as a potential threat and blocked.

1 Like