Re: UPnP
From: David H. Lipman (DLipman~nospam~_at_Verizon.Net)
Date: 02/25/05
- Previous message: winged: "Re: UPnP"
- In reply to: winged: "Re: UPnP"
- Next in thread: winged: "Re: UPnP"
- Reply: winged: "Re: UPnP"
- Reply: Hairy One Kenobi: "Re: UPnP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 25 Feb 2005 01:47:43 GMT
"winged" <winged@nofollow.com> wrote in message news:cvlv46$a0r@dispatch.concentric.net
| Stuart M wrote:
|| I have been thinking about UPnP on routers. Am I right in thinking that if
|| you have this enabled, a program is able to open incoming ports on your
|| router?
|| If this is true, what is to stop a malicious program from opening its own
|| ports using UPnP and opening your pc to access from anyone who tries to
|| conect to said program?
||
||
| I would do this only with a very very good reason to do so. I can think
| of no reason good enough.
|
| Universal plug and pray can be very dangerous to use and does open you
| up to vulnerabilities. The FBI recommended for some time that this be
| disabled due to the compromise potential, though I haven't seen anything
| recently on this.
|
| Yes UPnP can allow for dynamic opening and closing of ports. Yes, it can
| be exploited.
|
| I would think long and hard before I enabled the service. I had to go
| out of my way to ensure UPnP was specifically disabled on all of our
| systems. Sometimes convenience has a price in this case, in my personal
| opinion, the risk is too high.
|
| Winged
But that is if you have not patched the OS and TCP port 5000 is open to the Internet. When
using uPnP in conjunction with uPnP compliant Routers, there is no problem as this
networking remains on the LAN side and does not cross the LAN/WAN barrier.
The advantages of using uPnP compliant; Routers, OSs and applications are indeed worth
using it.
I haven't seen *any* <you know who's> CERT vulnerability Assessments on uPnP and you know
<who's> requirement it is to go to WinXP.
-- Dave
- Previous message: winged: "Re: UPnP"
- In reply to: winged: "Re: UPnP"
- Next in thread: winged: "Re: UPnP"
- Reply: winged: "Re: UPnP"
- Reply: Hairy One Kenobi: "Re: UPnP"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
