I’ve NEVER liked UPNP…. now I have another reason….



I remember the first Windows XP vulnerability was a Upnp vulnerability. I have made one of my first visits on any new XP system a visit to grc.com to disable it on an XP workstation. But, it’s the great thing – makes life so much easier for setting up network devices. “You just don’t like it cause it puts you out of business….” It looks like Upnp is a really “malicious hacker friendly” kind of thing, especially when it’s installed and running on a gateway router… let’s say you have a hardware firewall with Upnp. Normally, you plug in an IP camera and maybe the IP camera uses Upnp to open a port so it’s accessible from the outside world. Nice, simple right? Well… what if you download a “browsing experience enhancement toolbar” that opens up another port on the firewall so you can act as a mail relay?


Nice, simple, easy…. Or, what if you’re little firewall is happily cloaking traffic from one internet machine to another internet machine. (Maybe even LONG after your spyware infestation has been cleaned up.) Or, what if you’re companies hvac controls are upnp enabled? is it hot in here? There are some GOOD details at securityview.org on these Upnp vulnerabilties the core of it is that authentication may be in the standard, but it doesn’t appear to be used.

Please, disable Upnp on your networked devices. Your life will be nice and simple if you’re not relaying mail for spammers or cloaking traffic for who knows what. And yes that means, you should either learn how to do port forwards manually, or pay someone to set them up for you. Sorry, but that’s the best way to actually have control over it at this point.

Related Posts

Blog Traffic Exchange Related Posts
  • Windows RDP Denial of service vulnerability I just saw this article at zdnet news a few minutes ago. Basically a new security bulletin is out with regards to Windows Remote Desktop Server being vulnerable to a denial of service (DoS) attack. Essentially it affects Windows 2000, XP and Server 2003. It appears that under an overwhelming......
  • Disinfecting a PC… part 9 Ok - about 22 or 23 critical updates for Windows ME. I'm suspecting it's never visited the Windows update site. While it's going I make sure that the adware scanners and antivirus scanner get to pull updates from the web as well. It's also time to scan for running network......
  • Firefox vulnerabilities and 1.5 Release Candidate I know there's been at least one and probably a couple of Mozilla Firefox vulnerabilities announced in the last month or so. There are currently (according to Secunia) 3 unpatched Firefox vulnerabilities. The secunia page for firefox has the details. There are two vulnerabilites for which there is a workaround......
Blog Traffic Exchange Related Websites
  • Free Internet Security Suite Free iolo Internet Security for 1 Year Brave The New Web With Confidence for FREE Now for the 1st entry into the new Freebies Category, for FREE you get this nice, not so little program requiring 256MB of RAM that detects, blocks, and removes viruses, rootkits, worms, and trojans as......
  • 5 Free Security Softwares - Must Use Here are 5 Free Security Softwares that you can use to combat your fear against Adwares, Viruses, Trojans, etc. 1.Avast Home Edition: Best Free Antivirus Avast is one of the best antiviruses I recommend to my friends. It is free and has many features which many of the Antiviruses lack.......
  • eBook Fishing in California The Complete Guide to California Fishing Download Your 32 Page FREE eBook Are you planning a vacation to California? Looking for a better way to fish the more than 1000 lakes throughout this state? You'll find everything you need to know inside The Complete Guide to California Fishing! We've......
PDF24    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site