dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
21
share rss forum feed


Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2

1 recommendation

reply to norwegian

Re: Security Flaws in Universal Plug-n-Play: Unplug, Don't Play

Yep. I think it's on by default in pretty much every router. The funny thing is, I can't think of a reason why it should even be there.
--
"I fear the day that technology will surpass our human interaction. The world will have a generation of idiots." ~ Albert Einstein



services

@anonymouse.org

said by Juggernaut:

Yep. I think it's on by default in pretty much every router. The funny thing is, I can't think of a reason why it should even be there.

I think its so people using certain services can get out to the net, like torrent or a game or program instead of having to set port forwarding. Portforward = port always open, upnp only opens the port when you launch an app. Correct me if im wrong, if I am I will also disable it on my router and see how it plays on the net with my apps!

Side note , if i remember correctly some mobos even have upnp in the bios, do you disable that too?


DigitalXeron
There is a lack of sanity

join:2003-12-17
Hamilton, ON

1 recommendation

reply to Juggernaut

said by Juggernaut:

Yep. I think it's on by default in pretty much every router. The funny thing is, I can't think of a reason why it should even be there.

In large, end users can be lazy at times and UPnP facilitates that laziness as people don't have to configure their NAT routers to have a new program.

Allegedly it's supposed to be so applications like games and whatnot can automatically set up port forwarding. Unfortunately some program vendors set their programs up to dynamically allocate ports, rather than statically set them so you can set up the port forwarding once manually and leave it.
--
--Kradorex Xeron
[an error occurred while processing this signature]


Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2

I see. I'm not a gamer, so it's something I've not encountered. Thanks.



Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2
reply to services

Of course, as I build my own boxes. I set up my mobo's by hand to tweak the performance, and eliminate this kind of stuff.


OZO
Premium
join:2003-01-17
kudos:2
reply to Juggernaut

said by Juggernaut:

The funny thing is, I can't think of a reason why it should even be there.

What is even funnier - I'm using it for the last decade and never had any security problem with it

As with everything in this life there is a danger and there is a usefulness. Knife is an example. I'm sure that many. many people cut their fingers with knives every day. Nevertheless, they still use it... I think the same is true about UPnP. Take your time and get a knowledge how to use it safely and then ... use it safely
--
Keep it simple, it'll become complex by itself...


Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2

Bud, as I've stated, I've never needed it with any prog or device yet. And, I do practice safe hex.


OZO
Premium
join:2003-01-17
kudos:2

Good. I do the same.

Example of just two usages:
* dynamic port assignment - torrent app. New (random) port is forwarded on the router every time it starts. Port is immediately closed when it's done.
* almost static port assignment (I may change it time to time) - SIP server, FreeSWITCH. Achieved convenience is - I change it in one place (SIP server's configuration) only.

Again, IT life is not simple like black and white. It may bring you benefits and desired automation, but one has to learn how to use it safely (because there are always people, who want to exploit everything at their disposal against gullible and naive). Another controversial for some example - I use actively ActiveX without security problems. Or, JavaScript is always on, whatever site I visit (Flash, on the other hand, can be started on my demand only and BTW, on all my computers its elevated privileges are removed, search this forum for my posts how to do it). And at the same time, I don't run any AV products all the time. I simply don't need them, because I do what you're doing -- practice safe hex

The main problem INHO sits on a chair and clicks on any links or buttons it sees...
--
Keep it simple, it'll become complex by itself...



Juggernaut
Irreverent or irrelevant?
Premium
join:2006-09-05
Kelowna, BC
kudos:2

The 'Zombie Surfer'! *Gasp*



trparky
Apple... YUM
Premium,MVM
join:2000-05-24
Cleveland, OH
kudos:2
reply to Juggernaut

I ran the scan myself, I just inputted junk data into the program and it accepted it.