The good news is that this appears to fix issues with the HomePod Mini's connectivity and voice delay issues when using the speaker for Mac Mini.
Is it possible to configure the port that the AirPlay Receiver listens on?
The Remote Audio Output Protocol, AKA AirTunes, AKA AirPlay, has been using port 5000 since the year 2004. This is nothing new. All AirPlay receivers including AirPort Express and Apple TV use port 5000. If you've ever used Airfoil on your Mac (Airfoil Speakers was released in 2008), that also uses 5000 for the same reason. AirPlay receiving is new to macOS Monterey, but AirPlay itself is very old, predating Flask and these other web development environments. No, Apple is not trying to make web development difficult.
It seems that port number 5000 was never officially registered with IANA, and has many more conflicts.
Can we kindly ask Apple to register their service ports and use IANA assigned ports in the future?
https://en.wikipedia.org/wiki/List_of_TCP_and_UDP_port_numbers
Just found out about this, while running the docker example-voting-app and failing because port 5000 is used, so I run:
lsof -nP +c 15 | grep LISTEN
and there it was ControlCenter with ports 5000 and 7000 being used.
Unfortunately port 7000 was used to hack my iMac Apple Silicon 2 days ago, to control over my app, updated Xcode from unknown source and also changed Viber messenger. The hack thing was almost invisible, performed via previously hacked wifi router. So I decided to restore my system. I performed power button holding to enter my system options. I erased whole ssd and tried to load fresh new system. Well it does not go well, as the update server was unreachable - strange seemed to me. Than I realized that hackers have done something to my system options to force me not to revive or restore whole MacOS. I had to perform terminal destroy disk keys operation, ( terminal> xartutil --erase-all ) than I have found my iMac like diskless/bricked. I used Apple Configurator 2 to get my system back online and here I'm restored and healthy. Port 7000 is definitively dangerous to listen on while bad guys nearby... I almost forgot - my MacOS firewall was set to "blocking all incoming connections". So it seems there is still a way how to enter my MacOS.
This answered two of my questions on port usage, A, but and B, why my Control Center had been receiving incoming connections. However, I like Digitec have tried resetting my mac due to a previously hacked router issue, and just end up setting up another OS in a different partition somehow, and I am not new to this by any means. Files I can't access and the directory is a mess. So, Digitec, what can I do to avoid bricking and having to use the Apple Configurator 2 to revive? Any options there to make this a little easier and less time-consuming?
Back to the Port Issue, I don't understand why this Airplay Feature would use an insecure port AND have control center access on as a privacy setting by default. I've never seen this in my Preferences pane, which made me think that hackers could also access my accessibility settings which have never been set up in this version of OS on my Macbook, but I see now that there are enough options pre-set for a hacker to control my computer right there from the control center, and it's allowing incoming connections by default. Is this a design flaw we think?
To see what is or is not listening on port 5000, use this command at a Terminal window near you.
lsof -Pn | grep LISTEN
On the right you'll see
TCP *:5000 (LISTEN)
usually listed once for each IP version, and on the left is the name of the program that's sucking on the port, which is
ControlCe
if its AirPlay. If nothing is using that port, then it won't be listed.
This worked for me for docker registry 2.7 couldnt start as was its default port 5000. def control panel listening due to air play check mark
future reference "sudo lsof -i :5000" will give you port listening on 5000
I've also captured traffic that is malformed coming into my brand new Mac Apple Silicon. Port 7000 was open and bound to ControlCenter. The traffic I've captured (PCAP) respembles the airplay protocol RTSP. using a blist00 tag followed by a payload.
Interestingly, the attack traffic (dport 7000) has TCP options set. They are 12 bytes. 0101 and then 10 more bytes for an array of two timestamps. I'm pretty sure this is part of the attack payload.
Plus one above. This is seriously stupid Apple on so many levels - firstly using a known developer port is dumber than a rock. Secondly constantly changing the setting locations under cryptic naming conventions is idiotic as well. Do your Product managers really have such a skewed sense of intuitive organizational structure? Here is an idea -> try alpha sorting by service and functional category (General has no meaning at all lose it). See:
https://en.wikipedia.org/wiki/Categorization
Here is an example
Communication
Internet Accounts
Messages
Phone
Hardware
Displays
Energy Saver
Storage
Media
Airplay
Audio
Players
Video
Network
Bluetooth
Firewall
Thunderbolt
Operating System
About
Date & Time
Desktop & Dock
Screen Saver
Wallpaper
Language & Region
Login Items
Sharing
Sofware Update
Start Up disk
Time Machine
User Preferences
Accessibility
Appearance
Control Center (have the ability to alpha sort anything and everything and frankly create and or rename categories)
Focus
Login Password
Privacy and Security
Screentime
Siri & Spotlight
I think you get the idea. This would be a meta organizational standard with a location design pattern, not some random organization stragegy that "seems" to make sense when in reality it does not, and also does not scale at all. the layout changes from OS iteration to OS iteration and makes solution finding nearly impossible as many search results are returned, one for each new change, that do not apply (as happened here). The fact that this is not more obvious a problem is unbelieveable and the same patteren repeats over and over with the Apple development model. C'mon folks do more research on optimal organizational construct logic, patterning, searchability, optimization, and scaling over time. And don't use known development ports for propietary service your users may or may not chose to use.
This site contains user submitted content, comments and opinions and is for informational purposes only. Apple disclaims any and all liability for the acts, omissions and conduct of any third parties in connection with or related to your use of the site. All postings and use of the content on this site are subject to the
Apple Developer Forums Participation Agreement
and Apple provided code is subject to the
Apple Sample Code License
.
Forums
Apple Developer Program
Apple Developer Enterprise Program
App Store Small Business Program
MFi Program
News Partner Program
Video Partner Program
Security Bounty Program
Security Research Device Program