Kitz ADSL Broadband Information
adsl spacer  
Support this site
Home Broadband ISPs Tech Routers Wiki Forum
 
     
   Compare ISP   Rate your ISP
   Glossary   Glossary
 
Please login or register.

Login with username, password and session length
Advanced search  

News:

Author Topic: uPNP security issues  (Read 4094 times)

sheddyian

  • Kitizen
  • ****
  • Posts: 1159
    • My Shed Blog
uPNP security issues
« on: February 06, 2013, 12:52:06 AM »
I've just been reading a short post http://nakedsecurity.sophos.com/2013/02/05/upnp-flaws-turn-millions-of-firewalls-into-doorstops/ on the Sophos security website about potential security issues with Universal Plug and Play (uPNP) devices on your network.

It seems that many (possibly older) devices are vulnerable to attack.  This includes modems/routers.

It's worth following and reading the links in that article, but in summary there are two checks provided :

To see if the external facing side of your modem/router is open to uPNP attack, visit this web site and run the online check http://upnp-check.rapid7.com/

To scan all devices on your internal network, you can download a (Windows only) program from here : http://www.rapid7.com/resources/free-security-software-downloads/universal-plug-and-play-jan-2013.jsp

that you can run on your computer, and give it an address range to scan.  (This would typically be 192.168.1.1 to 192.168.1.254 but your setup may vary).  << Needs Java to be installed on your computer!

It will detect devices, see which ones it recognises, and tell you if any of them are vulnerable.

I'm pleased to say all my kit passed  8)

Ian
Logged

roseway

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 43795
  • Penguins CAN fly
    • DSLstats
Re: uPNP security issues
« Reply #1 on: February 06, 2013, 07:35:10 AM »
Thanks for the warning. My kit passed too (and I do have uPnP enabled on the HG622 modem/router). :)
Logged
  Eric

kitz

  • Administrator
  • Senior Kitizen
  • *
  • Posts: 33915
  • Trinity: Most guys do.
    • http://www.kitz.co.uk
Re: uPNP security issues
« Reply #2 on: February 06, 2013, 02:40:36 PM »
I seem to recall many years ago (2003ish?) that it wasnt recommended to have uPNP enabled and you port forwarded for every app you wanted to use... which was a PITA and even then some progs were difficult to use certainly those that required direct file transfers.

Im pretty sure that M$ released some uPNP patches in about 2005/2006 which plugged most of uPNP vulnerabilities, and to TBH since then (until now) I cant recall ever seeing any concerns over uPNP.   

Ive just run both tests on my TG582n. 

Test 1 returned "Congratulations! Your router did not respond to a UPnP discovery request."
The Windows test identified uPNP on my router but returned 0 exploitable.
Logged
Please do not PM me with queries for broadband help as I may not be able to respond.
-----
How to get your router line stats :: ADSL Exchange Checker

sevenlayermuddle

  • Helpful
  • Addicted Kitizen
  • *
  • Posts: 5369
Re: uPNP security issues
« Reply #3 on: February 06, 2013, 06:31:16 PM »
I got the same 'congratulations...' and the same '0 exploitable'.  It didn't warn me about identifying uPNP, but I have it disabled, so I suppose that's OK

I don't have any specific concerns over uPNP (though there have been in the past), it's just that I strive to have no firewall ports at all open on thevrouter.  To fulfill that goal, I need to prevent any software apps fom opening firewall ports without my knowledge, even the reasons for doing so are valid.
Logged
 

anything