ATTENTION: You are viewing a page formatted for mobile devices; to view the full web page, click HERE.

Main Area and Open Discussion > Living Room

Homeland Security: Disable UPnP

(1/6) > >>

Tinman57:
[ I did this years and years ago, just for this reason.  I wonder why it's just now being a big item.  Guess it takes the government this long to react....]

Homeland Security: Disable UPnP, as tens of millions at risk

The U.S. government is warning to disable a common networking feature after bugs have left tens of millions of hardware devices vulnerable to attacks by hackers and malware.

http://www.zdnet.com/homeland-security-disable-upnp-as-tens-of-millions-at-risk-7000010512

Stoic Joker:
(hay DHS-> Holy no shit batman!

...and they're here to "protect" us. [facepalm]

Renegade:
It then warns to "disable UPnP (if possible)", along with restricting networking protocols and ports, including Simple Service Discovery Protocol (SSDP) and Simple Object Access Protocol (SOPA) services from untrusted networks, including the Internet.
--- End quote ---

And there you have it! They finally admit that SOPA is a bad idea~! :P

f0dder:
Right, that article doesn't really give much info on what the problem is. I suspect you people's general remarks are focused on UPnP in general, especially in the context of corporate world - but for a lil' ol' home network, it makes life a lot easier... and if you're at the point where somebody could poke an incoming rule into your router via UPnP, well, they're already in your LAN and you're shit outta luck.

Now, the article specifically mentions libupnp, so I guess we're not talking the generic "zomg upnp is bad!" mindset here, but an actual exploitable bug. I wonder if this is something to worry about - if it's not reachable from the internet side of things, it's a fart in a cup of water imho.

Anyway, time to inspect the horse's mouth.

EDIT: done - yep, it's specific vulnerabilities. Rapid7 even has a scanner for it. My router isn't "detected" from it's WAN IP, and on my LAN only the router shows up (as detected, not vulnerable). So I'm keeping UPnP on :)

Stoic Joker:
It's still a pointlessly dangerous protocol IMO. Because anything that shows up on/from a web page is already on the LAN, and this "service" is just begging to be exploited. How many people really need to open a port that often?? Damn few I'd suspect.

Most people leave their home routers with the default password...because it's "easier to deal with". So add to that a handy-dandy helper that's just begging to play poke-N-hope and Um... Yeah -Gee Wiz- can't fathom why that wouldn't get beaten like a dead horse at a zombie christmas party.

Navigation

[0] Message Index

[#] Next page

Go to full version