Millenniumle
join:2007-11-11 Fredonia, NY
reply to toadlife Re: UPnP strikes again
The first three are common. Flash updates are prompted at many websites, keeping most pretty up to date. UPnP is enabled by default in most routers. Many of the most common consumer routers are 192.168.(0 or 1).1.
The fourth seems to be the issue. Perhaps a more universally effective hack would be to alter DNS. All network traffic gets sent to a code-injected front end to a popular site like Google. The malware site injects the vulnerability if a vulnerability exists, then redirects to a real Google server via IP, bypassing the DNS.
Lanik Lab-nik Premium, ExMod 2002-03 join:2001-06-25 Bay Area
reply to Mele20
said by Mele20: I'd say Microsoft has some fixing to do.
Fixing? Scrap it and re-write is what I think they should do. UPnP has more security holes than Swiss cheese.
-- "If it ain't broke don't fix it."
tempnexus Premium join:1999-08-11 Boston, MA
reply to toadlife
WOW, where can I get that big_b00bies.exe ?!?!??! That looks tempting, I wonder how big is big.
toadlife Premium join:2004-05-03 Lemoore, CA
·AT&T Yahoo
reply to Lanik
said by Lanik: said by Mele20: I'd say Microsoft has some fixing to do. Fixing? Scrap it and re-write is what I think they should do. UPnP has more security holes than Swiss cheese.
There is really no "Fixing" UPnP. The point of UPnP is to make it so users don't have to configure their routers. If you rewrite it to have security/authentication built in then users would have to configure their routers!
toadlife Premium join:2004-05-03 Lemoore, CA
·AT&T Yahoo
reply to Millenniumle
said by Millenniumle: The fourth seems to be the issue. Perhaps a more universally effective hack would be to alter DNS. All network traffic gets sent to a code-injected front end to a popular site like Google. The malware site injects the vulnerability if a vulnerability exists, then redirects to a real Google server via IP, bypassing the DNS.
That looks slightly more feasible than infecting a host on the LAN, but it still seems like a lot of trouble to go to when there is no guarantee that your target will have all the needed variables in place. I wonder what percentage of home routers even have the ability to forward traffic outside.
procto
join:2004-10-02 Jasper, AL
reply to swhx7
I have re-enabled UPnP again on my router because Xbox Live does not work the same without it; I tried port forwarding and giving it a DHCP reservation on my router.
Don't play any computer games, only some Xbox Live.
Mele20 Premium join:2001-06-05 Hilo, HI
reply to toadlife
said by toadlife: said by Lanik: said by Mele20: I'd say Microsoft has some fixing to do. Fixing? Scrap it and re-write is what I think they should do. UPnP has more security holes than Swiss cheese. There is really no "Fixing" UPnP. The point of UPnP is to make it so users don't have to configure their routers. If you rewrite it to have security/authentication built in then users would have to configure their routers!
What I meant was that FolderShare won't work if UPnP is not enabled on an approved router. Port forwarding I don't think is a workable substitute, like what procto says about Xbox Live. But I'm not sure as I no longer have FolderShare.
-- "The same ferocity that our founders devoted to protect the freedom and independence of the press is now appropriate for our defense of the freedom of the internet. The stakes are the same: the survival of our Republic". Al Gore, The Assault on Reason
EGeezer Go Bobcats Premium join:2002-08-04 Country!
·Callcentric
·RoadRunner Cable
·AT&T CallVantage
reply to swhx7
said by article:
Aside from adding a port mapping, other actions can be performed on an Internet Gateway Device, including deleting port mappings. Deleting existing port mappings can disrupt the correct working of programs.
The focus in Armijn's paper is on the Internet Gateway Device profile in general and the WANIPConnection and WANPPPConnection profiles in particular. But there are probably a lot of other opportunities which he didn't test. Hacks he could think about to create chaos are:
- shutting down routers by using the LANHostConfigManagement subprofile
- injecting false DNS records by using the LANHostConfigManagement subprofile
- abuse HVAC controls with UPnP
- remotely control IP cameras, of which some seem to be using the UPnP AV profile
More detail here.
2006 paper by Armijn Hemel here.
said by paper:
With the current UPnP protocol there is an implicit trust relationship between all UPnP capable devices on the same network. Every device is a peer and there is no policy mechanism in place to check whether or not a device is allowed to make use of a specific service.
This characteristic alone makes it clear to me what the risks are for me and my customers. In keeping with a least privilege/least function security philosophy, none of my or my customers' routers or other devices have things like UPnP, SNMP, RIP or other functions not needed for use. Even my hoary old FVS318 router has UPnP capability - disabled of course.
EDIT - I do have some devices with SNMP enabled, but the community strings are long and complex like router logins. UPnP is a security brain f4rt.
-- BBR's Shooting for a Cause!
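The quoted article and paper point out that any LAN peer can add or delete mappings on the gateway's WANIPConnection service with no policy check. The natural defender's follow-up is to see what has already been opened on a router you administer. The script below is an added example, not from the thread or from Armijn's paper; it uses the real WANIPConnection:1 action GetGenericPortMappingEntry, and the control URL it needs is a router-specific value you read from the gateway's device description XML (the one in the comment is a constructed placeholder).

```python
"""Audit the port mappings a UPnP Internet Gateway Device currently holds.
Added example, not from the thread; the control URL is a placeholder you read
from the router's device description XML (see the comment in fetch_mappings)."""
import urllib.error
import urllib.request
import xml.etree.ElementTree as ET
from typing import Optional

SERVICE = "urn:schemas-upnp-org:service:WANIPConnection:1"
ACTION = "GetGenericPortMappingEntry"   # real action of the WANIPConnection:1 service
FIELDS = ("NewRemoteHost", "NewExternalPort", "NewProtocol", "NewInternalPort",
          "NewInternalClient", "NewEnabled", "NewPortMappingDescription")

def build_request(index: int) -> bytes:
    """SOAP body asking the gateway for mapping number `index` (0-based)."""
    return (
        '<?xml version="1.0"?>'
        '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" '
        's:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><s:Body>'
        f'<u:{ACTION} xmlns:u="{SERVICE}"><NewPortMappingIndex>{index}'
        f'</NewPortMappingIndex></u:{ACTION}></s:Body></s:Envelope>'
    ).encode()

def parse_mapping(body: bytes) -> Optional[dict]:
    """One mapping as a dict, or None when the reply is a SOAP Fault
    (error 713 SpecifiedArrayIndexInvalid means we ran past the last entry)."""
    root = ET.fromstring(body)
    # Map each element's local name (namespace stripped) to its text
    found = {el.tag.rsplit("}", 1)[-1]: (el.text or "") for el in root.iter()}
    if "Fault" in found:
        return None
    return {f: found.get(f, "") for f in FIELDS}

def fetch_mappings(control_url: str) -> list:
    """Walk the gateway's mapping table index by index until it faults.
    control_url: the WANIPConnection controlURL from the IGD description XML,
    e.g. the constructed placeholder http://192.168.1.1:49152/upnp/control/WANIPConn1"""
    headers = {"Content-Type": 'text/xml; charset="utf-8"',
               "SOAPAction": f'"{SERVICE}#{ACTION}"'}
    mappings, index = [], 0
    while True:
        req = urllib.request.Request(control_url, build_request(index), headers)
        try:
            with urllib.request.urlopen(req, timeout=5) as resp:
                body = resp.read()
        except urllib.error.HTTPError as err:   # IGDs send SOAP faults as HTTP 500
            body = err.read()
        entry = parse_mapping(body)
        if entry is None:
            return mappings
        mappings.append(entry)
        index += 1
```

Any mapping you did not expect (an unknown internal client, or an external port with no recognisable description) is a sign that some LAN host used the unauthenticated service, which is exactly the implicit-trust problem the paper describes.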