[ Date Index ] [ Thread Index ] [ <= Previous by date / thread ] [ Next by date / thread => ]

Re: [LUG] Router vulnerability

To: list@xxxxxxxxxxxxx
Subject: Re: [LUG] Router vulnerability
From: Chris Smith <dclug.org.uk@xxxxxxxxxxxxxxx>
Date: Fri, 25 Jan 2008 07:53:53 +0000

Grant Sewell wrote:
> I've said for many years now that UPnP is an abomination of
> networking.  Pretty much any application running on a host PC can
> request that the router opens up and forwards incoming traffic
> arbitrarily.  What's the point in having a firewall if you go and
> invent and widely implement a technology that circumvents it without
> the need for authorisation?!

Yup, stupid really. The SOHO routers are just doing what they are being
told by this inherently insecure protocol.

Anybody got any ideas if it will allow you to forward privileged ports?
I expect that it probably depends on vendor implementation.

-- 
The Mailing List for the Devon & Cornwall LUG
http://mailman.dclug.org.uk/listinfo/list
FAQ: http://www.dcglug.org.uk/linux_adm/list-faq.html

Follow-up: Re: [LUG] Router vulnerability
- From: Julian Hall
Follow-up: Re: [LUG] Router vulnerability
- From: Brad Rogers
Follow-up: Re: [LUG] Router vulnerability
- From: george

References:
- [LUG] Router vulnerability
  - From: Allister Gearon
- Re: [LUG] Router vulnerability
  - From: Grant Sewell

Prev by Date: Re: [LUG] Learning Perl as a non-programmer
Next by Date: [LUG] User friendly Linux
Previous by thread: Re: [LUG] Router vulnerability
Next by thread: Re: [LUG] Router vulnerability
Index(es):
- Date
- Thread