Remote-access Guide

plex remote access vulnerabilities

by Alessandro Heaney Published 3 years ago Updated 2 years ago
image

Once a Plex user’s media server is exposed due to CVE-2020-5742, the attacker obtains access to an admin authentication token that would allow them to execute arbitrary code remotely with the same privileges as the media server. From there, the attacker could pivot to other machines on the network or install backdoors.

Media company Plex has fixed a vulnerability in its media server that could have been used by hackers to strengthen DDoS attacks. In an announcement released last Friday and updated on Saturday, Plex said that it has issued hotfix 66 for Plex Media Server to address the flaw in its product.Feb 9, 2021

Full Answer

How to enable remote access on Plex Media Server?

If you want to enable remote access on Plex, a specific port needs to be opened on your router to allow the traffic to flow correctly. Most people will not run into issues trying to enable Remote Access with their Plex Media Server.

Is Plex vulnerable to DDoS attacks?

Media company Plex has fixed a vulnerability in its media server that could have been used by hackers to strengthen DDoS attacks. In an announcement released last Friday and updated on Saturday, Plex said that it has issued hotfix 66 for Plex Media Server to address the flaw in its product.

Is Plex safe to use with router?

But, you are opening a port on your Router to do this which means that is a potential vulnerability. Some protect their access through cloudflare or VPNs. IMO, you are already pretty secure what plex natively provides.

How do I block the outside world from seeing my Plex server?

Your firewall appliance should be the first thing that the outside world sees. What you should do is set your router to only allow port 32400 through, and direct it to your Plex server.

image

Is Plex remote access secure?

Plex has teamed up with Let's Encrypt to provide our users with high-quality secure certificates for your media servers, at no cost to you. There's no need to set up VPNs and no need to create and install your own certs. You can safely and securely connect to your media no matter where you are.

Is Plex vulnerable to log4j?

The Plex Industrial Internet of Things product was affected by the vulnerability, but the proper mitigation technique has been put into place and it is no longer affected. A patch will be released on Monday to upgrade the product to Log4j2 version 2.15 which is not susceptible to the vulnerability.

Is it safe to open ports for Plex?

Yes, port forwarding Plex is safe. Just make sure your internet connection is secured with AES 256-bit encryption for optimal online privacy and security.

Why do I keep losing remote access on Plex?

Open Plex Web App and make sure you're signed in to your Plex account on the server under Settings > Server > General. Go to Settings > Server > Remote Access. If needed, toggle the Show Advanced button to ensure the appropriate options are visible. Enable the Manually specify public port checkbox.

Can Plex be hacked?

"Plex's startup processes unintentionally expose a Plex UPnP-enabled service registration responder to the general Internet, where it can be abused to generate reflection/amplification DDoS attacks," Netscout researchers said in a Thursday alert.

How do you tell if you have Log4j?

Navigate into the "META-INF" sub-directory and open the file "MANIFEST. MF" in a text editor. Find the line starting with "Implementation-Version", this is the Log4j version.

What does Plex remote access do?

Enable access to your Plex Media Server from outside your local network so that you can reach it when away from home or for sharing content with family or close, personal friends. You can do this under Settings > Server > Remote Access in Plex Web App.

Does Plex share your data?

Your personal content is stored on your personal hardware (“Personal Content”). Except in the limited circumstances described below, we do not collect filenames or content titles of your Personal Content. We do, however, keep usage statistics to allow us to better serve you and improve our Services.

Is Plex UDP or TCP?

The most important port to make sure your firewall allows is the main TCP port the Plex Media Server uses for communication: TCP: 32400 (access to the Plex Media Server) [required]

Does Plex need a static IP?

A Public Static IP is not needed, largely because the AT&T "dynamic" address changes so infrequently that Plex will have no trouble tracking you down.

Do you need Plex Pass for remote access?

It's not true. All users can stream remotely providing you've configured your Plex Server correctly. Head to Settings > Remote Access > Enable Remote Access to set it up. In this regard, the Plex Pass is only useful if you're going to be in a place with no internet—it lets you save content directly onto your device.

How do I allow insecure connections Plex?

However, if the server you're connecting to is remote, you'll need to change the Plex settings on your TV to allow for insecure connections. To do this, go to settings and find the “Advanced” section. Set “Allow Insecure Connections” to “Always” as seen below.

What is vulnerable for Log4j?

Log4shell is a critical vulnerability in the widely-used logging tool Log4j, which is used by millions of computers worldwide running online services. A wide range of people, including organisations, governments and individuals are likely to be affected by it.

How bad is Log4j vulnerability?

How can hackers take advantage of Log4j's vulnerability? The Log4j flaw allows attackers to execute code remotely on a target computer, which could let them steal data, install malware or take control. Exploits discovered recently include hacking systems to mine cryptocurrency.

How serious is the Log4j vulnerabilities?

In simple terms, hackers can easily steal data or take control over the system. This vulnerability has the potential to expose organisations to new waves of cybersecurity risks, where the attackers can exploit using Remote Code Execution (RCE).

How serious is the Log4j issue?

Log4j is used by millions of websites and apps — and the software's flaw potentially allows hackers to take control of systems by typing a simple line of code, according to cybersecurity experts.

What port do you forward plex media server to?

If you are manually forwarding a port, set that forward up beforehand and make sure you know the external port number which you are forwarding (remember that you need to forward the external port you choose to internal port 32400 for the internal IP address of the device running Plex Media Server)

What to do if remote access is disabled?

If Remote Access is currently disabled, then use the Enable Remote Access button to trigger your server to try to configure a connection. The server will attempt to automatically configure a connection through your router using UPnP or NAT-PMP first.

Does Plex Media Server allow remote access?

The information displayed by default will depend on the current state of the Plex Media Server. Unless disabled, your Plex Media Server will attempt to set up Remote Access for you.

Does Plex Media Server require a Plex Pass?

Tip!: This feature requires an active Plex Pass subscription for the Plex Media Server admin Plex account.

Which iPhone is good for plex?

Apple iPhone (X and Xs): An excellent mobile platform for Plex. Basically every file-type I have tried to stream from Plex streams using direct play. Plex does not have perform any transcoding (file conversions) because the iPhone essentially can play everything. ------.

Why is the risk not the open port itself but the program which is listening on the port?

The risk is not the open port itself but the program which is listening on the port because the program is what enables security holes.

Does Plex use SSL?

Plex uses their own certificate to create an SSL connection to the plex server. This is a good thing so the communication between the client and the server is encrypted and not even your ISP is able to look into your traffic if they want to.

Does Plex take forever to load?

At least for me, for some reason on regular Plex apps such as the Windows 10 app, the iPhone app, or the web app, it always takes forever for search results and library pages to load but actually streaming a show doesn't take much time to load at all .

Is plex secure?

IMO, you are already pretty secure what plex natively provides. You can set the "secure connections" to "required" but then you will not be able to access the server with an IP address in your own network.

How to make Plex Media Server secure?

What precautions? Make a strong password for your Plex account. Make sure the computer you are running the Plex Media server is up to date on security patches and anti-virus. Make sure it's behind a firewall of some type, and only the ports needed to be open are open. Make sure the computer user account the Plex Media Server service runs under cannot log into the desktop. Disable any remote desktop software (Windows Remote Desktop, Linux SSH, VNC, etc. (or at least any remote access from the Internet - I keep SSH on my Linux server available, but VPN into my network to use it).

What is plex media server?

The Plex Media Server is smart software that makes playing Movies, TV Shows and other media on your computer simple.

What happens if someone takes over your Plex account?

An d if for some reason someone does happen to take over your Plex account, the worse thing they could do is delete you media and mess up your server. Nothing critical. It's not like they are getting your password for your bank account.

Does Plex take forever to load?

At least for me, for some reason on regular Plex apps such as the Windows 10 app, the iPhone app, or the web app, it always takes forever for search results and library pages to load but actually streaming a show doesn't take much time to load at all .

Is plex server safe?

If you take the proper precautions , it's just as safe as Facebook, Twitter, or Reddit is. The only thing it's really missing is MFA , but otherwise, it's safe. And if someone does happen to get control of your Plex server, that's really all that they have control over. I have not heard of any vulnerabilities in Plex that allows someone to take control of the entire server.

Why is cybersecurity important in remote work?

Bringing cybersecurity to the top-of-mind for your remote workforce is important in successfully educating employees on the new risks their work environment presents. Conducting training for security best practices, as well as discussing your organization’s cybersecurity standing and vulnerabilities with the entire workforce are both potential ways to combat network threats.

What should be protected using multi-factor authentication?

Any machine that is capable of connecting to your network should be protected using multi-factor authentication, automatic session timeouts, and access monitoring to prevent unauthorized users from getting into the data, even if they have the device.

Is IT security playing catch up?

IT security teams are still playing catchup when it comes to securing the remote workforce. We’re committed to making their jobs easier through our BitSight Security Ratings solutions for monitoring, managing, and mitigating cyber risks. Read our research to learn more about the unique risks of work from home-remote office networks and what to do next to mitigate the latest security threats.

Can remote workers access sensitive information?

But with remote work and the physical locations of your workforce and sensitive information further apart, the chances of unauthorized users accessing sensitive data through employees’ computers, phones, and tablets increases exponentially .

How many Plex servers are observable?

At this point, around 37,000 abuseable Plex servers are now observable on the internet, according to Netscout. Further, Modi said that Netscout found 5,500 separate DDoS attacks involving this exploit, leveraging around 15,500 separate Plex servers.

What port is Plex Media Server?

A Plex spokesperson told TechRepublic that the report was correct in saying that a Plex Media Server accessible over the public internet through UDP on port 32414 could be used to reflect traffic and amplify a DDoS attack. However, the report's assertion ...

Can a Plex exploit allow a DDoS attack?

To clarify certain details, Plex said that the exploit would not have allowed attackers to access any private data or make changes to the accounts of its users. Instead, the flaw could have caused an affected server to "reflect" UDP packets as a way to amplify a DDoS attack against another server or network on the internet.

Can a router forward UDP traffic to Plex Media Server?

When using a router performing NAT (this includes most consumer systems), configure it not to forward UDP traffic on these "additional" ports from the public internet to the device running Plex Media Server.

Is Plex Media Server exploited?

Plex patches media server bug potentially exploited by DDoS attackers. by Lance Whitney in Security on February 9, 2021, 11:24 AM PST. All users of Plex Media Server are urged to apply the hotfix, which directs their servers to respond to UDP requests only from the local network and not the public internet. Image: iStockphoto/ArtHead-.

image
A B C D E F G H I J K L M N O P Q R S T U V W X Y Z 1 2 3 4 5 6 7 8 9