I have a Synology RT6600ax router with "Threat Prevention". When a SilverSneakers Zoom meeting is started on a Samsung Galaxy S10 Android phone, I get a LOT of events generated. There are 2 kinds of events:
2. Possible KEYPLUG/Downadup/Conficker-C P2P encrypted traffic UDP Ping Packet (bit value 4)
I presume this is getting confused because Zoom is doing a P2P protocol and is encrypting UDP packets.
I only get one of these events and I believe it happens RIGHT after I allow the SQL events.
I don't allow this P2P event and it doesn't seem to stop the meeting, but should I allow this one?
Thanks for any clarification on this.
Also, when using this on the phone, what ports and IP addresses are used?
I love my Synology RT6600ax! I'm on Zoom meetings all the time, and have never had an alert from the router relating to any Zoom meeting.
I'm assuming you've got the ax router at home and have configured it yourself, as opposed to something at a work site. There are settings you can use to block certain sites for youngsters at home, but the info you shared doesn't seem like it's related to that.
If you'd like to send me the meeting link via PM, I'll give it a try and see what happens on this end and let you know.
Have you looked at the DS Router app on the phone and then gone to the Settings | Traffic Monitor | Applications? If so, have you ever seen traffic from Tor? I have and I don't know where that traffic is coming from and if it is legit or a hack.
Ray, are you using threat prevention? If so, and you go into the Self-defined Policy menu item and then look at the signatures and then "A Network Trojan was detected", what do you have for the action for "Possible KEYPLUG/Downadup/Conficker-C P2P encrypted traffic UDP Ping Packet (bit value 4)"? Is it "Do nothing"? I've changed most of the high and medium and some of the low to "Drop" instead of whatever the default is. If it is a risk, I want to disable it until I PROVE (as best I can) that it is not something to worry about, at least for the particular instance.
I hadn't answered your question as to whether this is at home self configured and Yes, and Yes. I'm a LONG time programmer (first code written in 1966) and not a beginner in software, but this is my first deep foray into routers thanks to Spectrum not updating my old modem/router (and my old router could ONLY be updated by the ISP).
I have just been adding the events to "Do nothing". Today, just now, it didn't complain about the SQL or Conficker. I presume it accessed the same IP.
But I did still get a complaint about it using TLS1.0. I've added that to the "Do nothing" events.
Maybe I can get that link from my wife when she is done and I can send it to you. Although, it will probably be too late then because the SilverSneakers will be over.
I wonder if the problem is just with the SilverSneakers and not Zoom meetings in general.
How is your performance with Threat Prevention active? It looks like it is cutting mine down by about 10%. My ISP supplies 300Mbps download and even on ethernet I only get about 270Mbps. Before, when I was using my NetGear C7000v2 modem/router with no sort of Threat Prevention available, I was even getting up to about 350Mbps. On wifi, I'm only getting 86Mbps right now (don't know if wife's Zoom is taking away from that performance). But at its best the wifi is probably only getting around 200Mbps.
It doesn't look like I can have you try it. Meeting is now over and can't be joined. You probably have to be a member of SilverSneakers to use it anyway.
Thanks for the offer.
I think these events may be unique to the SilverSneakers meetings.
Each time the Zoom meeting is started, I get a ton of SQL complaints, probably because a different IP is used every time. But once I'm past that, I still get "GPL SHELLCODE x86 setgid 0". The combination of looking for SQL and this shellcode which looks like it tries to get administrator makes me wonder about SilverSneakers and what is going on. Of course, if TP were off, I'd never know about these things and maybe everything is fine. Wish I knew for certain.