Hi all,
I came across this and thought I'd better spread it, in case it may affect you.
This show http://twit.tv/show/security-now/389 pointed out that someone has discovered that there is a UPnP vulnerability in a large number of routers out there.
Basically, UPnP allows devices to configure your router for you, and discover what services are available on the network. UPnP has its flaws, but is reasonably safe if confined within your local area network.
Unfortunately, a bunch of routers expose UPnP to the public internet. There is a possibility that if you have one of these routers, a hacker could use UPnP to discover what's on your network, and connect to it, and compromise it.
There's an easy way to check. Go to https://www.grc.com/default.htm
Click on the link for Shields up (3/4 of the way down the page) Click on the proceed button. Then click on the GRC's Instant UPnP Exposure Test button. This will scan your system. If you see the message
"THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES! (That's good news!)"
Then you're ok. If it doesn't say that, then try disabling UPnP on your router, and try again. I personally always disable UPnP - however, I don't have anything that needs it, e.g. XBox games.
HTH Steve
On 05-Jun-2013 10:55:15 steve-ALUG@hst.me.uk wrote:
Hi all,
I came across this and thought I'd better spread it, in case it may affect you.
This show http://twit.tv/show/security-now/389 pointed out that someone has discovered that there is a UPnP vulnerability in a large number of routers out there.
Basically, UPnP allows devices to configure your router for you, and discover what services are available on the network. UPnP has its flaws, but is reasonably safe if confined within your local area network.
Unfortunately, a bunch of routers expose UPnP to the public internet. There is a possibility that if you have one of these routers, a hacker could use UPnP to discover what's on your network, and connect to it, and compromise it.
There's an easy way to check. Go to https://www.grc.com/default.htm
Click on the link for Shields up (3/4 of the way down the page) Click on the proceed button. Then click on the GRC's Instant UPnP Exposure Test button. This will scan your system. If you see the message
"THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES! (That's good news!)"
Then you're ok. If it doesn't say that, then try disabling UPnP on your router, and try again. I personally always disable UPnP - however, I don't have anything that needs it, e.g. XBox games.
HTH Steve
Interesting (and thanks for the heads-up, Steve).
I just ran that test, and got the above "THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES!" message, despite the fact that my router has UPnP enabled. But that was probably because I have a stringent firewall setting that does not allow outsiders to initiate connections to the router.
So at least that was a test of my firewall!
Best wishes, Ted.
------------------------------------------------- E-Mail: (Ted Harding) Ted.Harding@wlandres.net Date: 05-Jun-2013 Time: 12:28:08 This message was sent by XFMail -------------------------------------------------
On Wed, 05 Jun 2013 12:28:11 +0100 (BST) (Ted Harding) Ted.Harding@wlandres.net allegedly wrote:
I just ran that test, and got the above "THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES!" message, despite the fact that my router has UPnP enabled. But that was probably because I have a stringent firewall setting that does not allow outsiders to initiate connections to the router.
So at least that was a test of my firewall!
Ted
Even with UPnP enabled, no decent router should expose that to the internet facing side. The vulnerbilities exposed by HD Moore et al are on routers which /do/ so expose it. (Cheap chinese stuff. Ooops even Cisco manufacture in China these days - and then they wonder why Huawei's OS looks like theirs.....)
Mick ---------------------------------------------------------------------
blog: baldric.net gpg fingerprint: FC23 3338 F664 5E66 876B 72C0 0A1F E60B 5BAD D312
---------------------------------------------------------------------
On 05/06/13 12:28, (Ted Harding) wrote:
On 05-Jun-2013 10:55:15 steve-ALUG@hst.me.uk wrote:
I came across this and thought I'd better spread it, in case it may affect you.
[SNIP]
Interesting (and thanks for the heads-up, Steve).
I just ran that test, and got the above "THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES!" message, despite the fact that my router has UPnP enabled. But that was probably because I have a stringent firewall setting that does not allow outsiders to initiate connections to the router.
So at least that was a test of my firewall!
Hi Ted,
The thing is, UPnP was not supposed to be available to the public internet side of the router, but on some, it is. So it is probably that your router handles UPnP correctly and is not vulnerable, or it may be your firewall is protecting you. Either way, you're protected, which is what matters!
Cheers Steve
-
mick -
steve-ALUG@hst.me.uk -
Ted.Harding@wlandres.net