dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
64

TamaraB
Question The Current Paradigm
Premium Member
join:2000-11-08
Da Bronx
·Verizon FiOS
Ubiquiti NSM5
Synology RT2600ac
Apple AirPort Extreme (2013)

TamaraB to Thinkdiff

Premium Member

to Thinkdiff

Re: [Security] Universal Plug and Play vulnerability

said by Thinkdiff:

In the Apple world, the following services use UPnP: iChat audio/video, FaceTime, Back to My Mac, Find my iPhone/iPad (this can work without it, I think), Find My Mac, remote Screen Sharing, etc (there's probably a few I'm forgetting).

I use many of the above as well as Vonage. The Vonage router uses UpNp to open inbound voice ports and it does so randomly.
said by Thinkdiff:

Apple routers use UPnP or a similar protocol called NAT-PMP. I'm not sure if NAT-PMP is also vulnerable in the way the article mentions, but you can safely disable it if you don't use any of the services I mentioned earlier.

Is there an external test to determine whether UpNp is accessible remotely?
dickmead
Premium Member
join:1999-08-22
Pasadena, CA

dickmead

Premium Member

grc.com now has a test for upnp wan access in the shields-up section.
Just fyi

TamaraB
Question The Current Paradigm
Premium Member
join:2000-11-08
Da Bronx

TamaraB

Premium Member

Thanks!