dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
13
share rss forum feed

Frodo

join:2006-05-05
reply to Mele20

Re: Security Flaws in Universal Plug-n-Play: Unplug, Don't Play

Then I guess your router is broke. Not old, but broke. If you're concerned about this UPnP thing, then you'll have to get a new one.

When I looked in my router's firewall log, other than the GRC scans, I didn't see any UPnP probing.


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5

1 recommendation

Yep. I would have to get a new router whenever my ISP implements IPv6 as my router has no idea what that is...it is that old. I would rather wait awhile (since my ISP has said nothing about when IPv6 will be implemented and also because I wanted to finish paying for my new computer first). Plus, I was always going to buy another Linksy (even though support on this one was not good ....but the router was good) but now Cisco has sold Linksy to Belkin I don't think I want a Linksy, but other brands don't interest me much either.
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson


Mele20
Premium
join:2001-06-05
Hilo, HI
kudos:5
reply to Frodo

said by Frodo:

Then I guess your router is broke. Not old, but broke. If you're concerned about this UPnP thing, then you'll have to get a new one.

Maybe not. I just read the Defense Code paper. My router does not have a Broadcom chip. The chip is a Kendin Ks8695. I doubt it is vulnerable. Linksy should list which ones of theirs are vulnerable. I doubt that any Linksy routers so old that DD-WRT firmware cannot be made to work on them are vulnerable.

On an ironic note, I now remember that it was my activating UPnP in the router that caused the nasty bug to trigger that set a random password. I stumbled on the threads at Linksy just now and decided to again try the passwords users say are what the router sets when it sets a "random" one (and that worked for some users but not others). They didn't work on Fx but I thought, what the heck, I'll try on IE as one has a character that evidently the browser adds...so I did that and IE popped a Security Warning that the Linksy User Name and Password would be transmitted as plain text
--
When governments fear people, there is liberty. When the people fear the government, there is tyranny. Thomas Jefferson