Page 1 of 1

Hack attempt on port 22222 - VantageVue and Netgear router **solved**

Posted: Tue Feb 11, 2020 8:45 pm
by glennpm
I have a TP-Link MR3020 which is wired to a Netgear router. It is in another residence of mine over 1,000 miles from where I'm living now.

I stopped receiving data about a week ago for a few days and found by looking at the "System" portion of Meteobridge, that I was being flooded, an intrusion attempt through port 22222. I traced the IP to Moscow, Russia. I remotely logged on to my Netgear and blocked this IP and after a reboot, everything started working normal again after an hour or so.

Has anyone else had this happen and is there a better port than 22222 or method to prevent this.

Thanks,
Glenn

Re: Hack attempt on port 22222 - VantageVue and Netgear router

Posted: Fri Feb 14, 2020 9:10 pm
by galfert
You don't need to open this port on your firewall for the Meteobridge to work.

The Meteobridge is getting data from your logger via an internal IP address. None of this involves messing with your firewall.

Re: Hack attempt on port 22222 - VantageVue and Netgear router

Posted: Fri Feb 14, 2020 10:43 pm
by glennpm
Thank you! It makes complete sense that there is no reason to open the port. I guess I wasn’t thinking!

Re: Hack attempt on port 22222 - VantageVue and Netgear router

Posted: Sat Feb 15, 2020 11:13 pm
by galfert
Boris,
You can mark this one **solved**.