topbanner_forum
  *

avatar image

Welcome, Guest. Please login or register.
Did you miss your activation email?

Login with username, password and session length
  • August 17, 2018, 08:16 AM
  • Proudly celebrating 13 years online.
  • Donate now to become a lifetime supporting member of the site and get a non-expiring license key for all of our programs.
  • donate

Last post Author Topic: Homeland Security: Disable UPnP  (Read 9789 times)

app103

  • That scary taskbar girl
  • Global Moderator
  • Joined in 2006
  • *****
  • Posts: 5,743
    • View Profile
    • Donate to Member
Re: Homeland Security: Disable UPnP
« Reply #25 on: February 02, 2013, 07:20 PM »
Unfortunately, ScanNow requires Java. Kind of ironic to make your system vulnerable one way to find out if you are vulnerable another.  :huh:

Tinman57

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 1,702
    • View Profile
    • Donate to Member
Re: Homeland Security: Disable UPnP
« Reply #26 on: February 02, 2013, 07:40 PM »
(my fiber connection is 40Mb symetrical).

  YOU
Spoiler
DICK!   :P


tomos

  • Charter Member
  • Joined in 2006
  • ***
  • Posts: 11,290
    • View Profile
    • Donate to Member
Re: Homeland Security: Disable UPnP
« Reply #27 on: February 03, 2013, 07:26 AM »
Unfortunately, ScanNow requires Java. Kind of ironic to make your system vulnerable one way to find out if you are vulnerable another.  :huh:

is the online router scan enough if you're using a stand-alone machine?
http://upnp-check.rapid7.com/

(I have java uninstalled - a check above gets me "Congratulations! Your router did not respond to a UPnP discovery request.")
Tom

f0dder

  • Charter Honorary Member
  • Joined in 2005
  • ***
  • Posts: 9,134
  • [Well, THAT escalated quickly!]
    • View Profile
    • f0dder's place
    • Read more about this member.
    • Donate to Member
Re: Homeland Security: Disable UPnP
« Reply #28 on: February 03, 2013, 07:29 AM »
is the online router scan enough if you're using a stand-alone machine?
http://upnp-check.rapid7.com/
Seems like they do a server-side check to your WAN IP - so you'll get to see whether your router is exploitable from the intarwebs (which is what really matters), but you won't get notified about other devices on your LAN.
- carpe noctem

Curt

  • Supporting Member
  • Joined in 2006
  • **
  • Posts: 7,340
    • View Profile
    • Donate to Member
Re: Homeland Security: Disable UPnP
« Reply #29 on: February 10, 2013, 12:36 PM »
How to fix the UPnP security holes Universal Plug and Play has always had security holes. Here's how to plug them. http://www.zdnet.com...ity-holes-7000010584
thanks for that - unfortunately, it sounds like you've got to be pretty much an expert to figure this stuff out :(
-exactly my thought as well. So I wrote Agnitum, because:
So what can you do in the meantime? Just keep that firewall up once and for all against UPnP traffic.
-ZDNet
We've survived UPnP until now, maybe all this is not extremely urgent... I hope for an answer no later than Monday.

I forgot to post the answer:

Your PC is protected by Outpost default rules:
(Settings - Application rules - svchost.exe - Network rules - block UPnP rule (1900 UDP))

Unfortunately,  Outpost  canĀ“t protect routers as it protects only the PC where the product is installed.
-Agnitum