security report from shadowserver

[bluelab1 0]

I recently tested Emby server and I found it very useful. 

 

"but" I recently got a notification from shadowserver for my machine (which has a public ip) for being a possible distributed denial of service relay 

Anyone had this issue and also have clues about  it ? Following the details 

 

port:     39345
header:     HTTP/1.1 200 OK
systime:     Wed 02 Sep 2015 10:24:08 GMT
cache_control: max-age = 600
location:   <removed>
server:     Unix64/3.8 UPnP/1.0 DLNADOC/1.5 Emby/3.0.5675.1
search:     upnp:rootdevice
unique_name: uuid:dd4844962b0bba0f5fb48b87a459805d::upnp:rootdevice

protocol:     udp

 

Shadowserver usually should be concerned with udp:53 dnsmasq for ddos so I was wondering what this is all about and if this is a real vulnerability of Emby in which case maybe someone already addressed it.

 

At present I'm simply using this recipe to keep the server running among our group, but would be anyway interesting to understand what's going on here 

 http://daybydaylinux.blogspot.it/2015/09/how-to-setup-emby-server-for-access.html

 

I also contacted shadowserver to understand the issue better.

 

Alex

 

Alex