Surprised nobody has mentioned the uPnP issue.
As ever, Steve Gibson makes it clear what the problem is.
I have never enabled uPnP. Always thought it a bad idea. Now the cat is out of the bag, check your router TODAY.
|
The Register has an article about it.
ISPs need to check the equipment they have supplied their customers. The potential here is to attack everybody with a single UDP packet, that can be spoofed (and thus hard to trace).
|
The author of the above post is a thinkbroadband moderator but it does not constitute an official statement on behalf of thinkbroadband.
|
Yeah, I saw that. Rather confusing thread. From what Steve Gibson was saying, this is something new. uPnP has been found to be residing on the WAN side of the router. The LAN side has been known for years to have vulnerabilities.
You can't test this by downloading software.
Edited by stuorguk (Thu 31-Jan-13 13:50:38)
|
Anyone care to explain this in English? I know about upnp but not sure how this exploit works. They just send a packet containing whatever to your router and upnp just opens the port and lets it through?
|
uPnP is a bit like giving the keys to the occupants of your safe house so that they can let visitors in. The lock is supposed to work only from the inside. So if a visitor stole a key, at worst, they could leave the door open (this is bad enough in my view - how long before you notice). Externally there is no keyhole....or shouldn't be. However, stupid router manufacturers put the lock on the door so that it is accessible from the outside too. Worse still, their uPnP implementations are full of bugs, so you don't even need a key!
US Homeland Security: Disable UPnP as tens of millions at risk
|
Cheers. What would happen if you did disable it on a home network? Would applications like messenger, Skype or whatever, as well as devices like mobiles, Xbox, PlayStation need to be manually configured to allow access?
Edited by bobble_bob (Thu 31-Jan-13 16:52:01)
|
Unfortunately, with all articles like this, it takes a very good understanding of networking/computers in order to properly assess the security vulnerability in its proper context. To me, I couldn't give a stuff, my computer is secure it doesn't matter whether it has no ports forwarded or is in the DMZ.
The problem is anyone without any knowledge of this sort of level is almost always going to misinterpret the situation and get overly paranoid (or not paranoid enough)!
Zen 8000 Pro
|
Your computer might be secure, but is your router? It is after all a computer that could be made to become a botnet, or even destroyed.
PCs tend to update themselves automatically for security updates. Routers don't. It's a plastic box that gets forgotten by most people.
|
Your computer might be secure, but is your router? It is after all a computer that could be made to become a botnet, or even destroyed.
PCs tend to update themselves automatically for security updates. Routers don't. It's a plastic box that gets forgotten by most people.
While not impossible that is highly unlikely, and also, I would consider that a separate issue to uPnP, what if it was just insecure "as is", not related to uPnP at all?
Admittedly, I wouldn't put anything past some of the cheapo ISP-supplied routers, they probably come pre-flashed from the factory with backdoors installed.
Zen 8000 Pro
|
Mainly the consoles.
|
I ran the Rapid 7 scanner and not sure I understand the results. It said exploitable - 0, identified - 1 which was my router. Am I locked down?
|
Open the router's web interface and look for a upnp option.
|
Found Upnp log with lots of Skype entries but that's all I can find.
|
Tried the free scan and the result was OK as far as that test goes.
|
Ok, found Upnp option. Do I disable, and if so will that stop Skype working? It also gives a Upnp port number.
|
You can disable it for the time being and re-enable it if you have any issues.
By the way, the scan result is reporting that your router is uPnP enabled, not exploitable.
|
Shields UP!! has now got its Universal Plug n'Play (UPnP) Internet Exposure Test up and running. Unlike Rapid7, it does not need to be downloaded, stored in temp files and run on your PC.
I have uPnP enabled on my router and it passes the test: THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!
(That's good news!)
1999: Freeserve 48K Dial-Up => 2005: Wanadoo 1 Meg BB => 2007: Orange 2 Meg BB => 2008: Orange 8 Meg LLU => 2010: Orange 16 Meg LLU => 2011: Orange 19 Meg WBC
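
What an exposure test of the kind used in this thread boils down to, as an added example (not code from the thread, GRC or Rapid7): one SSDP discovery datagram sent to UDP port 1900, then a check for any reply. The sample reply and its `ExampleStack` server string are constructed for illustration.

```python
import socket

SSDP_PORT = 1900
# Standard SSDP discovery request; this is the single UDP datagram a probe sends.
M_SEARCH = (
    "M-SEARCH * HTTP/1.1\r\n"
    "HOST: 239.255.255.250:1900\r\n"
    'MAN: "ssdp:discover"\r\n'
    "MX: 2\r\n"
    "ST: upnp:rootdevice\r\n"
    "\r\n"
).encode("ascii")

# Constructed sample of what a UPnP-enabled router sends back.
SAMPLE_REPLY = (
    b"HTTP/1.1 200 OK\r\n"
    b"CACHE-CONTROL: max-age=120\r\n"
    b"ST: upnp:rootdevice\r\n"
    b"SERVER: ExampleOS/1.0 UPnP/1.0 ExampleStack/1.0\r\n"
    b"LOCATION: http://192.0.2.1:49152/desc.xml\r\n\r\n"
)

def parse_ssdp_reply(data: bytes) -> dict:
    """Return reply headers keyed by lower-cased name, or {} if not an SSDP 200."""
    lines = data.decode("latin-1").split("\r\n")
    if not lines[0].startswith("HTTP/1.1 200"):
        return {}
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers

def probe(address: str, timeout: float = 3.0) -> dict:
    """Send one M-SEARCH to address:1900; {} means nothing answered in time."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        try:
            s.sendto(M_SEARCH, (address, SSDP_PORT))
            data, _ = s.recvfrom(4096)
        except OSError:  # timeout or ICMP unreachable: no UPnP listener reachable
            return {}
    return parse_ssdp_reply(data)

def verdict(headers: dict) -> str:
    """A reply means UPnP is reachable on that interface, not that it is exploitable."""
    return "UPnP answered on this interface" if headers else "no reply to UPnP probe"

if __name__ == "__main__":
    print(verdict(parse_ssdp_reply(SAMPLE_REPLY)))
```

Calling `probe()` on your router's LAN address from inside the network only shows whether UPnP is enabled; the WAN-side exposure discussed here has to be checked against your own public address from a host outside your network.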
|
Thanks for that! Mine passed too, so no worries here
|
Mine passed too, and the Rapid7 test.
Thanks for the link
|
Billion 7800n (1.06f.dc.1) passed o.k. Hopefully Sky routers will be alright.
|
THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!
I assume mine passed
|
THE EQUIPMENT AT THE TARGET IP ADDRESS
DID NOT RESPOND TO OUR UPnP PROBES!
I assume mine passed 
Same here