Deconz hacked?

Hope someone can help here.

I have hassio installed on Ubuntu. Recently I have noticed certain lights turning on at random times, only my Zigbee ones connected to deconz. I investigated and removed and added them to no avail.

Then, while going to the phoscon page, I suddenly had multiple gateways showing. They all had odd IP addresses. Mine is the usual 192.168.1.xx and shows up as a Conbee (correct). Some more were showing up as 10.1.1.44 or 192.168.2.62 and they were showing up as Raspbees. If I clicked them, my password would not work but would on mine.

I immediately turned off internet access to the hassio pc with my router (it has a phone app where you can turn off individual internet access but leave internal network working).

I then waited a day and there were no phantom lights and, after a refresh and delete of browsing data from Chrome, all the other gateways had gone. So, I tried putting the internet access back on again and within an hour more gateways appeared again.

I haven’t got any ports open in my router and have UPnP off. I use the Nabu Casa cloud for external access.

How are the new gateways appearing and how is someone adding them and controlling my lights with them? Is there any other way someone is accessing my deconz / phoscon app? Via the API maybe?

I have turned off the SSH, MQTT and samba add-ons to see if it was that but it is still happening with them off.

Also have installed a VPN to see if that would help but it still happens with that enabled too. Obviously I have changed all my passwords and logins.

I could reinstall the PC and start again but without knowing how this happened it might well just happen again?

Anyone have any ideas?

It’s weird,

Tell us a bit more about your setup. What kind of smart devices do you own?

And also, we cannot help without some logs where we can actually dive into some detailing.

Nothing out of the ordinary. Lots of ZigBee lights, switches and sensors connected to conbee. Some zwave lights and sensors on a zwave USB. A few Alexa, hive heating, all connected to HA.

There is nothing in the logs that shows any connections but will copy the deconz logs tomorrow to see if you can spot anything. Is there any other log that would help?

Checking my external IP (VPN) on shodan.io shows an open port 1900 UPnP with the IP address of the rogue gateway (192.168.2.62). I have no open ports on my router. Is something else opening a port?