Re: uPnP on home/school router



On Sat, 28 Aug 2010 22:40:23 -0700, DevilsPGD
<Still-Just-A-Rat-In-A-Cage@xxxxxxxxxxxx> wrote:

Sure, but external exploits are on the wrong side of the NAT / firewall
to open a port using UPnP.

UPnP opens ports on the WAN side of the router. The most common are
Microsoft Messenger ports at two per client. When I scanned my
firewall for open ports, I was rather surprised to see two random
ports open for every Windoze PC I had on the network. Also common is
for a virus to use UPnP to open a WAN port to allow the evil bad guys
to control a trojaned PC.

If the router is buggy enough to accept UPnP requests from outside,
you've likely got other design flaws that will bite you long before this
one does.

<http://www.barracudalabs.com/wordpress/index.php/2010/06/15/the-wireless-router-insecurity-you-might-be-overlooking/>
<http://www.zdnet.com/blog/soho-networking/wi-fi-routers-vulnerable-to-upnp-attack-from-hackers/120>
<http://www.sourcesec.com/Lab/soho_router_report.pdf> Pg 13.
<http://www.upnp-hacks.org>

--
Jeff Liebermann jeffl@xxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558
.


Quantcast