Hack attempt on port 22222 - VantageVue and Netgear router **solved**

All about the standard Meteobridge devices based on mobile routers from TP-Link, D-Link, ASUS

Moderator: Mattk

Post Reply
glennpm
Senior Boarder
Senior Boarder
Posts: 51
Joined: Sun Aug 03, 2014 8:47 pm

Hack attempt on port 22222 - VantageVue and Netgear router **solved**

Post by glennpm » Tue Feb 11, 2020 8:45 pm

I have a TP-Link MR3020 which is wired to a Netgear router. It is in another residence of mine over 1,000 miles from where I'm living now.

I stopped receiving data about a week ago for a few days and found by looking at the "System" portion of Meteobridge, that I was being flooded, an intrusion attempt through port 22222. I traced the IP to Moscow, Russia. I remotely logged on to my Netgear and blocked this IP and after a reboot, everything started working normal again after an hour or so.

Has anyone else had this happen and is there a better port than 22222 or method to prevent this.

Thanks,
Glenn

User avatar
galfert
Expert Boarder
Expert Boarder
Posts: 94
Joined: Sun Jun 24, 2018 10:31 pm
Location: Orlando, FL

Re: Hack attempt on port 22222 - VantageVue and Netgear router

Post by galfert » Fri Feb 14, 2020 9:10 pm

You don't need to open this port on your firewall for the Meteobridge to work.

The Meteobridge is getting data from your logger via an internal IP address. None of this involves messing with your firewall.
MR3020 v1
GW1000

glennpm
Senior Boarder
Senior Boarder
Posts: 51
Joined: Sun Aug 03, 2014 8:47 pm

Re: Hack attempt on port 22222 - VantageVue and Netgear router

Post by glennpm » Fri Feb 14, 2020 10:43 pm

Thank you! It makes complete sense that there is no reason to open the port. I guess I wasn’t thinking!

User avatar
galfert
Expert Boarder
Expert Boarder
Posts: 94
Joined: Sun Jun 24, 2018 10:31 pm
Location: Orlando, FL

Re: Hack attempt on port 22222 - VantageVue and Netgear router

Post by galfert » Sat Feb 15, 2020 11:13 pm

Boris,
You can mark this one **solved**.
MR3020 v1
GW1000

Post Reply