Warning: Consoles Still Connect To Xbox Live Despite Family Settings, Confirmed by sniffing outgoing UDP network traffic Options

[Kiewee123]

I can confirm that only enabling restrictions 'Xbox LIVE Access' and 'Xbox Live Membership Creation' in 'Console Control' (in Family Settings) is NOT adequate protection for your Jtag flashed console.

I sniffed outgoing connections whilst running an Xbox1 game (this is in FSD if anyone is interested) because I was curious as to why I was greeted with 'you need to update' despite not being logged in to any profile, let alone on xbox live. This message would disappear if I removed the Ethernet cable (used to update FSD + FTP on LAN).

The console successfully connects to 65.55.42.183 using the kerbose service (handshake?), then connecting again afterward on 65.55.42.180 on UDP port 3074. The IP range 65.55.42.* is owned by Microsoft Corp, and is located in Bellevue in the US.

Evidently, despite the suggested precautions, our consoles are still capable of connecting online beknown to us. Microsoft could quite easily pull one off again and 'surprise us', as they did with the Ixtreme banning, with a forced update or such.

I highly suggest you either block all outgoing/incoming WAN traffic on your console's MAC address, or remove the ethernet cable entirely, particular if your console's R3T6 resistor has not been removed/shorted.

Finally, exercise extreme caution in all future updates, 9199 onwards. Microsoft could quite easily not only impose a ban on your Xbox LIVE account and console, but could remove your console's exploitabilty therefore rendering your jtag useless.

I thought I aught to share my findings with the community - please share your thoughts, I hope someone can prove me wrong.

This post has been edited by Ranger72: Aug 1 2010, 09:33 PM

[inspuration]

I can confirm that only enabling restrictions 'Xbox LIVE Access' and 'Xbox Live Membership Creation' in 'Console Control' (in Family Settings) is NOT adequate protection for your Jtag flashed console.

I sniffed outgoing connections whilst running an Xbox1 game (this is in FSD if anyone is interested) because I was curious as to why I was greeted with 'you need to update' despite not being logged in to any profile, let alone on xbox live. This message would disappear if I removed the Ethernet cable (used to update FSD + FTP on LAN).

The console successfully connects to 65.55.42.183 using the kerbose service (handshake?), then connecting again afterward on 65.55.42.180 on UDP port 3074. The IP range 65.55.42.* is owned by Microsoft Corp, and is located in Bellevue in the US.

Evidently, despite the suggested precautions, our consoles are still capable of connecting online beknown to us. Microsoft could quite easily pull one off again and 'surprise us', as they did with the Ixtreme banning, with a forced update or such.

I highly suggest you either block all outgoing/incoming WAN traffic on your console's MAC address, or remove the ethernet cable entirely, particular if your console's R3T6 resistor has not been removed/shorted.

Finally, exercise extreme caution in all future updates, 9199 onwards. Microsoft could quite easily not only impose a ban on your Xbox LIVE account and console, but could remove your console's exploitabilty therefore rendering your jtag useless.

I thought I aught to share my findings with the community - please share your thoughts, I hope someone can prove me wrong.

Good job sniffing that out mate.