dslreports logo
 
    All Forums Hot Topics Gallery
spc
uniqs
41
Frodo
join:2006-05-05

Frodo to Mele20

Member

to Mele20

Re: Security Flaws in Universal Plug-n-Play: Unplug, Don't Play

Then I guess your router is broke. Not old, but broke. If you're concerned about this UPnP thing, then you'll have to get a new one.

When I looked in my router's firewall log, other than the GRC scans, I didn't see any UPnP probing.
Mele20
Premium Member
join:2001-06-05
Hilo, HI

1 recommendation

Mele20

Premium Member

Yep. I would have to get a new router whenever my ISP implements IPv6 as my router has no idea what that is...it is that old. I would rather wait awhile (since my ISP has said nothing about when IPv6 will be implemented and also because I wanted to finish paying for my new computer first). Plus, I was always going to buy another Linksy (even though support on this one was not good ....but the router was good) but now Cisco has sold Linksy to Belkin I don't think I want a Linksy, but other brands don't interest me much either.
Mele20

Mele20 to Frodo

Premium Member

to Frodo
said by Frodo:

Then I guess your router is broke. Not old, but broke. If you're concerned about this UPnP thing, then you'll have to get a new one.

Maybe not. I just read the Defense Code paper. My router does not have a Broadcom chip. The chip is a Kendin Ks8695. I doubt it is vulnerable. Linksy should list which ones of theirs are vulnerable. I doubt that any Linksy routers so old that DD-WRT firmware cannot be made to work on them are vulnerable.

On an ironic note, I now remember that it was my activating UPnP in the router that caused the nasty bug to trigger that set a random password. I stumbled on the threads at Linksy just now and decided to again try the passwords users say are what the router sets when it sets a "random" one (and that worked for some users but not others). They didn't work on Fx but I thought, what the heck, I'll try on IE as one has a character that evidently the browser adds...so I did that and IE popped a Security Warning that the Linksy User Name and Password would be transmitted as plain text