I’ve NEVER liked UPNP…. now I have another reason….



I remember the first Windows XP vulnerability was a Upnp vulnerability. I have made one of my first visits on any new XP system a visit to grc.com to disable it on an XP workstation. But, it’s the great thing – makes life so much easier for setting up network devices. “You just don’t like it cause it puts you out of business….” It looks like Upnp is a really “malicious hacker friendly” kind of thing, especially when it’s installed and running on a gateway router… let’s say you have a hardware firewall with Upnp. Normally, you plug in an IP camera and maybe the IP camera uses Upnp to open a port so it’s accessible from the outside world. Nice, simple right? Well… what if you download a “browsing experience enhancement toolbar” that opens up another port on the firewall so you can act as a mail relay?


Nice, simple, easy…. Or, what if you’re little firewall is happily cloaking traffic from one internet machine to another internet machine. (Maybe even LONG after your spyware infestation has been cleaned up.) Or, what if you’re companies hvac controls are upnp enabled? is it hot in here? There are some GOOD details at securityview.org on these Upnp vulnerabilties the core of it is that authentication may be in the standard, but it doesn’t appear to be used.

Please, disable Upnp on your networked devices. Your life will be nice and simple if you’re not relaying mail for spammers or cloaking traffic for who knows what. And yes that means, you should either learn how to do port forwards manually, or pay someone to set them up for you. Sorry, but that’s the best way to actually have control over it at this point.

Related Posts

Blog Traffic Exchange Related Posts
  • Exploit in the wild for Apple vulnerability A couple days ago there was a release of Mac OS X 10.4.7 which addressed several security flaws. There is now an exploit published for one of these vulnerabilities. The attacker using this exploit could gain remote root (administrator) access to the machine. So, don't delay any further on patching.......
  • SSH, Proxies (Proxy's?), Tor and Web Browsing For quite some time I've been making use of a dd-wrt modified linksys box on my home network as an openvpn endpoint so that when I'm out and about in the world, I connect the vpn, switch firefox to route through a squid proxy server on the home network and......
  • Windows RDP Denial of service vulnerability I just saw this article at zdnet news a few minutes ago. Basically a new security bulletin is out with regards to Windows Remote Desktop Server being vulnerable to a denial of service (DoS) attack. Essentially it affects Windows 2000, XP and Server 2003. It appears that under an overwhelming......
Blog Traffic Exchange Related Websites
  • Free Internet Security Suite Free iolo Internet Security for 1 Year Brave The New Web With Confidence for FREE Now for the 1st entry into the new Freebies Category, for FREE you get this nice, not so little program requiring 256MB of RAM that detects, blocks, and removes viruses, rootkits, worms, and trojans as......
  • Learning the Basics of Money Management For many people, the prospect of money management is just too much to handle. Nobody really enjoys being a bean counter, and if you're spending too much and having a good time doing it, money management may be the farthest thing from your mind. However, given the state of the......
  • eBook Fishing in California The Complete Guide to California Fishing Download Your 32 Page FREE eBook Are you planning a vacation to California? Looking for a better way to fish the more than 1000 lakes throughout this state? You'll find everything you need to know inside The Complete Guide to California Fishing! We've......
www.pdf24.org    Send article as PDF   

Similar Posts


See what happened this day in history from either BBC Wikipedia
Search:
Keywords:
Amazon Logo

Comments are closed.


Switch to our mobile site