dslreports logo
site
 
    All Forums Hot Topics Gallery
spc

spacer




how-to block ads


Search Topic:
uniqs
40
share rss forum feed


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Reviews:
·Optimum Online
·Clearwire Wireless
reply to Thinkdiff

Re: [Security] Universal Plug and Play vulnerability

said by Thinkdiff:

In the Apple world, the following services use UPnP: iChat audio/video, FaceTime, Back to My Mac, Find my iPhone/iPad (this can work without it, I think), Find My Mac, remote Screen Sharing, etc (there's probably a few I'm forgetting).

I use many of the above as well as Vonage. The Vonage router uses UpNp to open inbound voice ports and it does so randomly.

said by Thinkdiff:

Apple routers use UPnP or a similar protocol called NAT-PMP. I'm not sure if NAT-PMP is also vulnerable in the way the article mentions, but you can safely disable it if you don't use any of the services I mentioned earlier.

Is there an external test to determine whether UpNp is accessible remotely?

--
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."

"People should not be afraid of their governments. Governments should be afraid of their people"


dickmead
Premium
join:1999-08-22
Pasadena, CA
grc.com now has a test for upnp wan access in the shields-up section.
Just fyi


TamaraB
Question The Current Paradigm
Premium
join:2000-11-08
Da Bronx
kudos:1
Thanks!