Intel’s Active Management Technology (AMT) Management Engine (ME) and AMD’s Secure Technology both present a massive threat to user privacy and computer security.
On the Intel side, this highly controversial technology is integrated in nearly every processor the company has produced since 2008 and it can be difficult or impossible to disable it. These chips within chips, which run their own operating system, can access, and be accessed from, the network. Intel’s AMT/ME apparently has access to all of the hardware in the chain above it, including storage, cameras and microphones. Furthermore, the Intel AMT subsystem remains powered on even when the machine is “off”.
In the video, ‘GEOSHIFTER’ provides the port numbers he believes are used by the Intel AMT/ME system. You can block the ports in your router, since it is apparently not possible to block them on the machine itself; however, he also warns that doing so may not be effective if the router also uses an Intel chipset. In my case I use a Linksys WRT 1900 ACS, which does not use an Intel or AMD processor and which has plenty of horsepower to handle VPN encryption. I replaced the stock firmware on the router with DD-WRT. The better option, however, would be to buy a Turris Omnia.
I believe the following is the correct code to block the ports on routers/devices which use the iptables firewall. On version 3 of DD-WRT, you can manage the firewall from Administration > Commands. Note that I’m blocking a few extra ports based on my own research of this issue:
iptables -I FORWARD -p tcp -m multiport --dports 623,664,5900,9971,16992:16995 -j DROP
iptables -I FORWARD -p udp -m multiport --dports 623,664,5900,9971,16992:16995 -j DROP
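To confirm the block is really in effect for every port listed above, the following added example (not code from the original post or from DD-WRT) reads saved output of `iptables -S FORWARD` and reports any TCP or UDP port that is not dropped by the first rule that matches it. The function names and the sample rule listings are assumptions constructed for illustration.

```python
import re

# Ports from the rule on this page (16992-16995 expanded).
PAGE_PORTS = [623, 664, 5900, 9971, 16992, 16993, 16994, 16995]
# Options this check understands; anything else makes a rule "conditional".
KNOWN = re.compile(r"-A \S+|-p \S+|-m (?:multiport|tcp|udp)|--dports? \S+|-j \S+")

def parse_ports(spec):
    """Expand a multiport list such as '623,664,16992:16995' into a set."""
    ports = set()
    for item in spec.split(","):
        lo, _, hi = item.partition(":")
        ports.update(range(int(lo), int(hi or lo) + 1))
    return ports

def uncovered(rules_text, chain="FORWARD"):
    """Return sorted (proto, port) pairs that no DROP/REJECT rule catches first."""
    # Chain policy and jumps to user chains are not modelled (reported as gaps).
    pending = {(pr, po) for pr in ("tcp", "udp") for po in PAGE_PORTS}
    gaps = set()
    for line in map(str.strip, rules_text.splitlines()):
        target = re.search(r"-j (\S+)", line)
        if not line.startswith(f"-A {chain} ") or not target:
            continue
        proto = re.search(r"-p (\S+)", line)
        protos = {proto.group(1)} if proto and proto.group(1) != "all" else {"tcp", "udp"}
        dports = re.search(r"--dports? (\S+)", line)
        ports = parse_ports(dports.group(1)) if dports else None  # None: any port
        hit = {(pr, po) for pr, po in pending if pr in protos and (ports is None or po in ports)}
        conditional = bool(KNOWN.sub("", line).strip())  # e.g. -i, -s, -m state
        if target.group(1) in ("DROP", "REJECT") and not conditional:
            pending -= hit  # dropped before any later rule is consulted
        elif target.group(1) == "ACCEPT":
            gaps |= hit     # an earlier ACCEPT wins over a later DROP
            pending -= hit
    return sorted(gaps | pending)

# Constructed sample output of `iptables -S FORWARD`, not captured from a real router.
DROPS = """-A FORWARD -p tcp -m multiport --dports 623,664,5900,9971,16992:16995 -j DROP
-A FORWARD -p udp -m multiport --dports 623,664,5900,9971,16992:16995 -j DROP"""
ESTABLISHED = "-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT"
GOOD = "-P FORWARD ACCEPT\n" + DROPS + "\n" + ESTABLISHED
TCP_ONLY = DROPS.splitlines()[0] + "\n" + ESTABLISHED
SHADOWED = "-A FORWARD -p tcp -m tcp --dport 5900 -j ACCEPT\n" + DROPS

if __name__ == "__main__":
    for name, text in (("GOOD", GOOD), ("TCP_ONLY", TCP_ONLY), ("SHADOWED", SHADOWED)):
        print(name, uncovered(text))
```

The FORWARD chain only sees traffic routed through the router, so traffic between hosts on the same LAN segment normally never reaches it and is outside what this check covers.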