TamaraBQuestion The Current ParadigmPremiumReviews:
reply to Thinkdiff
Re: [Security] Universal Plug and Play vulnerability
said by Thinkdiff:I use many of the above as well as Vonage. The Vonage router uses UpNp to open inbound voice ports and it does so randomly.
In the Apple world, the following services use UPnP: iChat audio/video, FaceTime, Back to My Mac, Find my iPhone/iPad (this can work without it, I think), Find My Mac, remote Screen Sharing, etc (there's probably a few I'm forgetting).
said by Thinkdiff:Is there an external test to determine whether UpNp is accessible remotely?
Apple routers use UPnP or a similar protocol called NAT-PMP. I'm not sure if NAT-PMP is also vulnerable in the way the article mentions, but you can safely disable it if you don't use any of the services I mentioned earlier.
"Remember, remember the fifth of November.
Gunpowder, Treason and Plot.
I see no reason why Gunpowder Treason
Should ever be forgot."
"People should not be afraid of their governments. Governments should be afraid of their people"