[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Router vulnerability

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Router vulnerability
From: george <georgeparker20@xxxxxxxxxxxxxx>
Date: Fri, 25 Jan 2008 11:32:11 +0000
Content-disposition: inline

On Friday 25 January 2008, Chris Smith wrote:
> Grant Sewell wrote:
> > I've said for many years now that UPnP is an abomination of
> > networking.  Pretty much any application running on a host PC can
> > request that the router opens up and forwards incoming traffic
> > arbitrarily.  What's the point in having a firewall if you go and
> > invent and widely implement a technology that circumvents it without
> > the need for authorisation?!
>
> Yup, stupid really. The SOHO routers are just doing what they are being
> told by this inherently insecure protocol.
>
> Anybody got any ideas if it will allow you to forward privileged ports?
> I expect that it probably depends on vendor implementation.

My nice shiny new Buffalo router has UPnP switched off by default. There's 
sensible now Boyo.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html

References:
- [LUG] Router vulnerability
  - From: Allister Gearon
- Re: [LUG] Router vulnerability
  - From: Grant Sewell
- Re: [LUG] Router vulnerability
  - From: Chris Smith

Prev by Date: Re: [LUG] Windows, BBC iPlayer & FairUse4WM
Next by Date: Re: [LUG] OT now was Why are there so few women in our LUG - does this indicate there are few female Linux users ?
Previous by thread: Re: [LUG] Router vulnerability
Next by thread: Re: [LUG] Router vulnerability
Index(es):
- Date
- Thread