Re: uPnP on home/school router
- From: Jeff Liebermann <jeffl@xxxxxxxxxx>
- Date: Sun, 29 Aug 2010 13:57:17 -0700
On Sat, 28 Aug 2010 22:40:23 -0700, DevilsPGD
Sure, but external exploits are on the wrong side of the NAT / firewall
to open a port using UPnP.
UPnP opens ports on the WAN side of the router. The most common are
Microsoft Messenger ports at two per client. When I scanned my
firewall for open ports, I was rather surprised to see two random
ports open for every Windoze PC I had on the network. Also common is
for a virus to use UPnP to open a WAN port to allow the evil bad guys
to control a trojaned PC.
If the router is buggy enough to accept UPnP requests from outside,
you've likely got other design flaws that will bite you long before this
<http://www.sourcesec.com/Lab/soho_router_report.pdf> Pg 13.
Jeff Liebermann jeffl@xxxxxxxxxx
150 Felker St #D http://www.LearnByDestroying.com
Santa Cruz CA 95060 http://802.11junk.com
Skype: JeffLiebermann AE6KS 831-336-2558