Hi all,
I came across this and thought I'd better spread it, in case it may affect you.
This show http://twit.tv/show/security-now/389 pointed out that someone has discovered that there is a UPnP vulnerability in a large number of routers out there.
Basically, UPnP allows devices to configure your router for you, and discover what services are available on the network. UPnP has its flaws, but is reasonably safe if confined within your local area network.
Unfortunately, a bunch of routers expose UPnP to the public internet. There is a possibility that if you have one of these routers, a hacker could use UPnP to discover what's on your network, and connect to it, and compromise it.
There's an easy way to check. Go to https://www.grc.com/default.htm
Click on the link for Shields up (3/4 of the way down the page) Click on the proceed button. Then click on the GRC's Instant UPnP Exposure Test button. This will scan your system. If you see the message
"THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES! (That's good news!)"
Then you're ok. If it doesn't say that, then try disabling UPnP on your router, and try again. I personally always disable UPnP - however, I don't have anything that needs it, e.g. XBox games.
HTH Steve