I noticed traffic destined for port 7000 crossing multiple WireGuard connections and was curious and alarmed.
Turns out the traffic originates from Apple iPhone devices, and is well known.
Anyone else seeing this? Should we be concerned enough to put in place specific firewalls that block dst port 7000?
See these links for more info about port 7000:
https://www.reddit.com/r/sysadmin/comments/1kbo5q5/huge_ios_and_macos_vulnerabilities/
https://discussions.apple.com/thread/256056014?sortBy=rank
https://zbyte.medium.com/zero-day-exploit-in-apple-devices-opens-the-door-to-wormable-attacks-via-airplay-fba74e66de6d
I dropped this thinking maybe I am the only person experiencing, or bothered by, this.
I’m giving it another try.
I’ve been monitoring all packets destined for port 7000 and there are way too many, from so many sources, with destination IP addresses within my private network but without devices at those IPs.
Everything I read shows port 7000 activity to be an Apple device problem.
I have a bunch of WireGuard-connected sites and the destination IP addresses include networks at all the sites.
Maybe some curious soul might turn on packet sniffing for a day or two to see if they, too, have unexplained port 7000 packets?
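
One way to summarise such a capture, as an added example that is not part of the original post: it reads lines in the format printed by `tcpdump -nn dst port 7000` and reports, per source, the private destinations on port 7000 that have no known device. The function name, the sample capture lines and the host inventory are constructed for illustration.

```python
import ipaddress
import re
from collections import Counter

# Matches the IPv4 line format printed by `tcpdump -nn`: "IP src.sport > dst.dport:"
LINE_RE = re.compile(r"\bIP (\d+\.\d+\.\d+\.\d+)\.(\d+) > (\d+\.\d+\.\d+\.\d+)\.(\d+):")


def summarize_port_7000(lines, known_hosts, port=7000):
    """Count packets to `port` whose private destination is not a known host.

    Returns {source_ip: Counter({destination_ip: packet_count})}.
    """
    known = {ipaddress.ip_address(h) for h in known_hosts}
    report = {}
    for line in lines:
        m = LINE_RE.search(line)
        if not m or int(m.group(4)) != port:
            continue  # not an IPv4 packet line, or a different destination port
        src, dst = m.group(1), ipaddress.ip_address(m.group(3))
        # Keep only destinations in private address space with no device behind them
        if dst.is_private and dst not in known:
            report.setdefault(src, Counter())[str(dst)] += 1
    return report


# Constructed sample capture lines and device inventory (not taken from the post)
SAMPLE_CAPTURE = """\
10:01:02.000001 IP 10.0.1.23.51234 > 10.0.2.77.7000: Flags [S], seq 1, win 65535, length 0
10:01:03.000001 IP 10.0.1.23.51234 > 10.0.2.77.7000: Flags [S], seq 1, win 65535, length 0
10:01:04.000001 IP 10.0.1.23.51240 > 10.0.3.15.7000: Flags [S], seq 9, win 65535, length 0
10:01:05.000001 IP 10.0.2.40.50000 > 10.0.1.10.7000: Flags [S], seq 5, win 65535, length 0
10:01:06.000001 IP 10.0.1.23.51300 > 10.0.2.5.443: Flags [S], seq 7, win 65535, length 0
""".splitlines()
KNOWN_HOSTS = ["10.0.1.10", "10.0.1.23", "10.0.2.5", "10.0.2.40"]

if __name__ == "__main__":
    for src, dsts in summarize_port_7000(SAMPLE_CAPTURE, KNOWN_HOSTS).items():
        for dst, count in dsts.most_common():
            print(f"{src} -> {dst}:7000  {count} packet(s), no known device at destination")
```

Grouping by source shows whether the packets come from a handful of devices probing many addresses or from many devices, which is the first thing to establish before deciding on a firewall rule.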