Code: Select all
pkg install py37-wsdd
sh /usr/local/bin/wsdd start
Code: Select all
wsdd_enable="YES"
DDWRT is using WSDD2 (https://github.com/Andy2244/wsdd2) but this require some additional porting to FreeBSD first.
Code: Select all
pkg install py37-wsdd
sh /usr/local/bin/wsdd start
Code: Select all
wsdd_enable="YES"
Code: Select all
wsdd_enable = YES
Code: Select all
pkg install -q -y py37-wsdd; service wsdd start; exit
Code: Select all
pkg: indexinfo-0.3.1 installed
pkg: readline-8.0.4 installed
pkg: libffi-3.3_1 installed
pkg: gettext-runtime-0.21 installed
pkg: python37-3.7.9_1 installed
pkg: py37-wsdd-0.6.2_1 installed
daemon: 2021-03-15 17:33:53,104:wsdd WARNING(pid 4130): no interface given, using all interfaces
Code: Select all
PID USERNAME THR PRI NICE SIZE RES STATE C TIME WCPU COMMAND
4130 _wsdd 1 20 0 32M 21M kqread 2 0:00 0.00% python3.7
Note that all windows 7, 8 and 10 machines run WS-discovery.zoon01 wrote: Mar 15th, '21, 12:52 ...
Something to read too:
https://www.zdnet.com/article/protocol- ... s-attacks/
Normally the access to ANY NAS port from outside shall not be allowed. This is the main task of the home router firewall. The golden rule for home router firewall is "no ports open to the external world except the port a VPN server listens on!". No any service on any device belonging to the local LAN should be accessible from outside! The people that does not follow the golden rule are just stupid and inviting hackers! So I don't see a problem to use WSDD if the router door is closed. And also NO UPNP allowed!Brahiewahiewa wrote: Mar 17th, '21, 16:18Note that all windows 7, 8 and 10 machines run WS-discovery.zoon01 wrote: Mar 15th, '21, 12:52 ...
Something to read too:
https://www.zdnet.com/article/protocol- ... s-attacks/
However on windows, the WSD service is restricted to only act on requests originating from the local subnet and to only respond to hosts on the local subnet. This invalidates DDOS attacks on a world wide scale, though the local subnet might still be affected.
The WSD python script lacks these restrictions. So I agree that in it's current form, the script is not suitable for Xigmanas. Once the lack of security is addressed, you might reconsider
There's hardly anyone who'll deliberately open the port for WSD in his router.netware5 wrote: Mar 18th, '21, 15:24Normally the access to ANY NAS port from outside shall not be allowed. This is the main task of the home router firewall. The golden rule for home router firewall is "no ports open to the external world except the port a VPN server listens on!". No any service on any device belonging to the local LAN should be accessible from outside! The people that does not follow the golden rule are just stupid and inviting hackers! So I don't see a problem to use WSDD if the router door is closed. And also NO UPNP allowed!Brahiewahiewa wrote: Mar 17th, '21, 16:18Note that all windows 7, 8 and 10 machines run WS-discovery.zoon01 wrote: Mar 15th, '21, 12:52 ...
Something to read too:
https://www.zdnet.com/article/protocol- ... s-attacks/
However on windows, the WSD service is restricted to only act on requests originating from the local subnet and to only respond to hosts on the local subnet. This invalidates DDOS attacks on a world wide scale, though the local subnet might still be affected.
The WSD python script lacks these restrictions. So I agree that in it's current form, the script is not suitable for Xigmanas. Once the lack of security is addressed, you might reconsider
thanks a lotzoon01 wrote: Mar 22nd, '21, 14:51 Port is added into our svn, its getting a user service so the end choice is for the users.
They can keep it disabled or enable it for discovery when they want or need.
Everybody Happy
The WSD WebGUI page is currently developed, see below screenshot from the testbox:raulfg3 wrote: Mar 22nd, '21, 23:52thanks a lotzoon01 wrote: Mar 22nd, '21, 14:51 Port is added into our svn, its getting a user service so the end choice is for the users.
They can keep it disabled or enable it for discovery when they want or need.
Everybody Happy
some screen capture of how enable or disable it for reference?