I forwarded Plex ports through my router (which is not supposed to be done!). I had a few sensitive documents on my server disk (not medias, and not included in any libraries). Could anything get access to those?
Here are the ports (that I now closed)
3005/tcp controlling Plex Home Theater via Plex Companion
8324/tcp controlling Plex for Roku via Plex Companion
32469/tcp access to the Plex DLNA Server
1900/udp access to Plex DLNA Server
32410/udp GDM network discovery
32412/udp GDM network discovery
32413/udp GDM network discovery
32414/udp GDM network discovery
1st things first:
this is the ports your server needs to have enabled WITHIN YOUR HOME NETWORK for Plex services to work smoothly. it’s PURELY home network related.
as for security… I don’t see those ports immediately giving access to sensitive data or even highjack a system… that always depends on what app is listening to those ports and how they react when being triggered from an outside user.
However… more open ports give an attacker more vectors to compromise your system. Not so much a scenario where you have an unrestricted access to a “shared folder” for everyone.
@tom80H said:
Not so much a scenario where you have an unrestricted access to a “shared folder” for everyone.
Meaning I was not in such a scenario? forgive my english
for comparison…
you left your car unlocked – people could get into it (accessing the port) but they cannot drive away. this function is not “implemented”; they can sit, they can listen to your car’s radio – those are “public functions” you get by accessing the car; driving isn’t (this translates to having access to your Plex server for someone you invited).
BUT… being inside the car could give a capable person access to the cars cabling so they could shortcut the car and get it to drive (IF there’s a security flaw in any of the components behind the port, people could exploit that to use non-public functions).
