Can anyone with access to my movie files and music files get into my home network and computer running PMS?
No, the media is served to them - they can’t gain access to your network.
When you use the App to access your server, the sequence is as follows:
- The app contacts plex.tv (using the credentials signed in with)
- Plex.tv confirms access to the share / media is permitted.
- Plex.tv confirms whether the host is online or not.
- Plex.tv now brokers the handoff between server and the app at the individual socket connection level.
- Once brokered, plex.tv steps out of the loop, Server begins streaming to the app.
As you can see, at no point in time is the ‘app’ (browser / whatever) connected any further than the server’s Remote Access port and is fully under the control of your PMS server.
Going by this info, is there a need (security wise) to change the default port?
@tghowe said:
Going by this info, is there a need (security wise) to change the default port?
If you are using UPnP, the port is picked at random. If you are using a manual port forward, then I always recommend picking a random port in the 40000-60000 range. 32400 is a well known port for Plex, so it’s a good idea to pick something other than that.
To go ‘total geek’ . Any outbound ports from your PMS will be random port numbers due to how the TCP stack handles them.
UPnP picks a random port at the modem/router. The firewall nature there forwards it to 32400.
To get into your PMS system they would need to know how Plex protocol works AND establish a TLS connection to begin communicating AND they would need your encryption key set to start the connection. Aka… “Not very likely to happen” (which is why PMS has such enhanced security).
Thank you all for the input!
@kegobeer-plex said:
@tghowe said:
Going by this info, is there a need (security wise) to change the default port?If you are using UPnP, the port is picked at random. If you are using a manual port forward, then I always recommend picking a random port in the 40000-60000 range. 32400 is a well known port for Plex, so it’s a good idea to pick something other than that.
I’m using a manual port forward, so I did it right. 
Thanx!
