Every few weeks, I receive a notification that my Roon Nucleus Plus is under attack, with 32 recent attempts. None of my other devices seem to be subjected to this. Anybody else with this issue and if so, what have you done about it?
Hi Thomas,
First, I wanted to point out that you didn’t post in any category, did you want this post IN one? If so, I can move it there.
Second, what is giving you these notifications?
Do you have ARC enabled?
Yes, please repost.
I am using Xfinity’s security package.
Thanks for your help.
Tom
I am not home for the next few days to confirm, but I do not believe so.
Moved to #roon discussion
I have returned home and fired up the nucleus. It was fine but then just today I received a message that it’s been attacked again. When I get into settings, it says “Roon ARC can securely access your Roon core”. Perhaps not so secure?
Just because there are automated scans for vulnerabilities does not mean that a vulnerability really exists. Every open port on every public address gets scanned all the time
Set the ARC port to 0 (zero) and that should turn ARC off
As an IT professional I would caution against this. It’s giving you false positives and is arguably a waste of money. Focus on good endpoint protection such as antivirus. The Nucleus would need a vector to attack and there really isn’t any. It doesn’t even support SSH.
Thanks for weighing in. So other than the fact that I have less than optimal Internet security, are you saying I needn’t worry about what is going on with my nucleus?
Thank you. I shall. I never use it.
You should also turn off UPNP on the router.
Can I just sign-out ARC, when ever I need just sign in again? Thanks
What does this accomplish? Either it’s secure, then it can be online, or it’s not secure - and then it is not secure even if you need it.
You don’t have less than optimal internet security, you’re just fine. Don’t waste your money on that ISP security garbage. It is designed to scare you so the ISP can charge you to “fix” things. These are false positives, your network isn’t being attacked. Automated port scans happen constantly. Keep UPnP off on your router as a precaution and if you don’t use ARC set the port in Roon to 0. Using good quality AV on your computer is more than enough. Windows defender is fine for most people but good paid options are ESET and Bitdefender. Most network intrusions aren’t from “hackers” typing into some terminal they come from social engineering. The best thing you can do to protect yourself is through self education and using common sense practices on the internet.