subDimension

Dropbox LANSync

I had a friendly email from my VPS provider this morning. It had been reported that my server was port scanning other servers and that I needed to do something about it.

My first instinct was to panic: “OMG, I’ve been hacked and I’m spewing spam from my server, I should never have thought I was ever capable of running these things myself”.

This was shortly replaced with “Hmm, that port number looks oddly ‘reasonable’, it must be something ‘friendly’.” I took a shot in the dark and Googled “Dropbox port 17500”. Hits! Phew!

Dropbox has a nifty feature called LANSync, where it will try to find other machines on your local network and sync with them. It’s a clever idea that means you’re not forever sending the same files up and down the internet when you use it on multiple machines (and after all, what’s the point of Dropbox if not to keep multiple machines in sync!).

I knew about this and had naively thought that it would just get ignored in a VPS environment - I’m a bit ignorant of how it all works really.

Apparently not though. My server has been spamming my VPS neighbours every 30 seconds for the last few weeks. Whoops!

After looking through the documentation I linked in my post about setting this all up in the first place, I noticed a distinct lack of any help with switching off LANSync from the command line - the links they provide are all broken now (nice going!).

Luckily I’d taken the time to install the Dropbox CLI, so I ran it:

$  ./bin/dropbox.py

Dropbox command-line interface

commands:

Note: use dropbox help <command> to view usage for a specific command.

 status       get current status of the dropboxd
 help         provide help
 puburl       get public url of a file in your dropbox
 stop         stop dropboxd
 running      return whether dropbox is running
 start        start dropboxd
 filestatus   get current sync status of one or more files
 ls           list directory contents with current sync status
 autostart    automatically start dropbox at login
 exclude      ignores/excludes a directory from syncing
 lansync      enables or disables LAN sync

Ah hah! Last one looks like the ticket:

$  ./bin/dropbox.py lansync

enables or disables LAN sync
dropbox lansync [y/n]

options:
  y  dropbox will use LAN sync (default)
  n  dropbox will not use LAN sync

$  ./bin/dropbox.py lansync n

hmm, no feedback, always helpful!

I’ve never really been a belt-and-braces kind of person, but I don’t want to get shut down by my VPS provider, so a bit more research turned up iptables which is installed on all Ubuntu releases.

$  /sbin/iptables -A OUTPUT -p udp --dport 17500 -j DROP
$  iptables-save

which should block it from getting out if it ever starts up again. Sorted.