|
Authored by: tknarr on Wednesday, January 30 2013 @ 12:54 PM EST |
I was always of the opinion that UPnP was designed to be a
vulnerability from the start. It's whole purpose is to enable software running
behind a firewall to modify the firewall to allow outside access to the machine
that the firewall administrators have blocked. It's job is to bypass your
firewall protection. And they seriously want me, as a network admin, to enable
this? Yeah, right, pull the other one, it's got bells on. This pretty much sums
up my thoughts on doing that:
http://bwaff.com/remember-that-time-you-forgot-to-think/. [ Reply to This | Parent | # ]
|
|
Authored by: Anonymous on Wednesday, January 30 2013 @ 08:25 PM EST |
Don't ignore the fact that consumer-grade wireless routers use UPnP to allow any
program running on your PC to punch holes in the router's firewall, and even to
set up a listener port to act as an Internet server. If you completely disable
UPnP this won't work anymore, and you might just be surprised at how many
programs will mysteriously start complaining or misbehaving.
This was all done For Your Convenience, but like many other
"convenience" designs, it frequently amounts to little more than
nailing the key to your digital front door onto the door itself, under a sign
saying "Key Here".[ Reply to This | Parent | # ]
|
|
Authored by: caecer on Wednesday, January 30 2013 @ 10:27 PM EST |
Except perhaps this is a new vulnerability; but of course the old ones mostly
don't get fixed in things like routers.
See the warning posted by
NIST.org on Thursday 18 May 2006:
UPnP Vulnerability Could Expose
Every Computer on Your Network [ Reply to This | Parent | # ]
|
|
|
|
|