Comments on: UPnP Security Flaws http://www.goland.org/upnp_security_flaws/ Technology, Politics, Food, Finance, etc. Mon, 23 Jan 2012 17:37:17 +0000 hourly 1 http://wordpress.org/?v=3.3.1 By: Administrator http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-169365 Administrator Wed, 08 Aug 2007 05:04:55 +0000 #comment-169365 Unfortunately I am years and years and more years away from UPnP land. The best I can do is point you to <a href="http://upnp.org/contact/default.asp" rel="nofollow">UPnP contact</a> page for the forum. Sorry. Unfortunately I am years and years and more years away from UPnP land. The best I can do is point you to UPnP contact page for the forum. Sorry.

]]> By: Wajdi http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-169098 Wajdi Mon, 06 Aug 2007 13:36:52 +0000 #comment-169098 Hello; I'm dealing with a project to secure the UPnP ondevice, media server and rederer; I want to have some bugs on device in order to identify witch functions or service will be implemented. thanks Hello;
I’m dealing with a project to secure the UPnP ondevice, media server and rederer; I want to have some bugs on device in order to identify witch functions or service will be implemented.

thanks

]]> By: stacey m http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-24212 stacey m Fri, 27 Oct 2006 21:27:53 +0000 #comment-24212 Govz, Go to DynDNS and setup a free DNS name, then use their updater client and it will always update your IP address if or when it changes - it will even email you the changes if you set up the option in the client config settings. e.g. - govz.getmyip.com - could be your domain name and it would always correspond to your IP address xxx.xxx.xxx.xxx when you did a domain name lookup. Works great as I constantly do a lot of remote access and always need to know my routers' IP addresses. Hope this helps. Govz,
Go to DynDNS and setup a free DNS name, then use their updater client and it will always update your IP address if or when it changes – it will even email you the changes if you set up the option in the client config settings.
e.g. – govz.getmyip.com – could be your domain name and it would always correspond to your IP address xxx.xxx.xxx.xxx when you did a domain name lookup.
Works great as I constantly do a lot of remote access and always need to know my routers’ IP addresses.

Hope this helps.

]]> By: Govz http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-21791 Govz Thu, 21 Sep 2006 01:46:01 +0000 #comment-21791 Hello sir, I am quite new to UPnP. And my problem is, I have to decide whether it is safe or not. I am trying to come up with a solution on how to grab my router's external address. However, there are only two ways I know of, 1) UPnP and 2) via HTTP / site requests. Will enabling UPnP put the network at risk? I have read in some articles that when we enable UPnP in a router, anybody can just execute port translation. Is there any other way to get my WAN/ROUTER Internet IP Address? Thanks and sorry. Hello sir,

I am quite new to UPnP. And my problem is, I have to decide whether it is safe or not. I am trying to come up with a solution on how to grab my router’s external address. However, there are only two ways I know of, 1) UPnP and 2) via HTTP / site requests.

Will enabling UPnP put the network at risk? I have read in some articles that when we enable UPnP in a router, anybody can just execute port translation.

Is there any other way to get my WAN/ROUTER Internet IP Address?

Thanks and sorry.

]]> By: Nick http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-15664 Nick Fri, 30 Jun 2006 18:46:53 +0000 #comment-15664 found some info to share. I found alot of things I Like about plug an play too thx to your page. Found this on grc.com, this crazy guy talks about all the OLD issues Your right theres ABSOLUTELY NOTHING, new an all thats resovled less I know. This was interesting though, it says: Will a NAT Router, like a LinkSys, protect my system? A non-UPnP aware NAT router makes a terrific hardware firewall since it discards unexpected and unsolicited inbound Internet packets. But as routers become UPnP-aware their behavior will need to be carefully scrutinized with regard to Internet pass-through. We can hope that they will offer explicit UPnP security to prevent external traffic from entering the internal network. But in any event, our ShieldsUP! Port Probe can always be used to quickly check your network's external UPnP profile. Hey Yaron Thx Without your help I wouldn't have known what to google. Upnp Profile:) really appreciate your help:) YOU ROCK~! found some info to share. I found alot of things I Like about plug an play too thx to your page.
Found this on grc.com, this crazy guy talks about all the OLD issues Your right theres ABSOLUTELY NOTHING, new an all thats resovled less I know. This was interesting though, it says:

Will a NAT Router, like a LinkSys, protect my system?
A non-UPnP aware NAT router makes a terrific hardware firewall since it discards unexpected and unsolicited inbound Internet packets. But as routers become UPnP-aware their behavior will need to be carefully scrutinized with regard to Internet pass-through. We can hope that they will offer explicit UPnP security to prevent external traffic from entering the internal network. But in any event, our ShieldsUP! Port Probe can always be used to quickly check your network’s external UPnP profile.

Hey Yaron Thx Without your help I wouldn’t have known what to google. Upnp Profile:) really appreciate your help:) YOU ROCK~!

]]> By: Administrator http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-15612 Administrator Thu, 29 Jun 2006 06:21:39 +0000 #comment-15612 Sigh, you are speaking to the UPnP NAT/Router profile and to be honest I never did know anything about it. My job was to design the underlying UPnP network protocols. I had no involvement, even peripherally, with any of the profiles. So I don't have the information needed to answer your questions. Sorry. Sigh, you are speaking to the UPnP NAT/Router profile and to be honest I never did know anything about it. My job was to design the underlying UPnP network protocols. I had no involvement, even peripherally, with any of the profiles. So I don’t have the information needed to answer your questions. Sorry.

]]> By: Nick http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-15603 Nick Thu, 29 Jun 2006 00:40:43 +0000 #comment-15603 I'd like to appoligize for using your time first, I'm trying to read the http://upnp.org stuff, mainly the UPnP Security Ceremonies White Paper, but its really difficult to sort through all that to find one lil answer. *bowing for your guidence* I know this is ancient, but thx so much for being here. I'm sure I'm not the only on who appreciates your time , patients, and help. Qestion1: What govers UPnP ablilty to accept external network commands? (a)The Router Firmware Implimentation (b)The UPnP Code itself (c)None of the above, the better answer is to shutup an listen to what you have to say. Question 2: If Answer to Question1 is (a) than. If its the router/manufacturers job to decide wether or not to impliment accepting external NAT UPnP commands. (a) Is there something you can do to stop it from communicating over the external NATs' IP? (b) you would be willing to point me to some reading that would help my ignorance. (c) none of the above. Just shutup an listen to what you have to say. I’d like to appoligize for using your time first, I’m trying to read the http://upnp.org stuff, mainly the UPnP Security Ceremonies White Paper,
but its really difficult to sort through all that to find one lil answer. *bowing for your guidence* I know this is ancient, but thx so much for being here. I’m sure I’m not the only on who appreciates your time , patients, and help.

Qestion1: What govers UPnP ablilty to accept external network commands?
(a)The Router Firmware Implimentation
(b)The UPnP Code itself
(c)None of the above, the better answer is to shutup an listen to what you have to say.

Question 2: If Answer to Question1 is (a) than.
If its the router/manufacturers job to decide wether or not to impliment accepting external NAT UPnP commands.
(a) Is there something you can do to stop it from communicating over the external NATs’ IP?
(b) you would be willing to point me to some reading that would help my ignorance.
(c) none of the above. Just shutup an listen to what you have to say.

]]> By: Administrator http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-847 Administrator Mon, 27 Jun 2005 03:01:19 +0000 #comment-847 Not necessarily. There is nothing in UPnP that would make your router inherently insecure. The issues with UPnP were always about the implementation rather than the underlying protocol. Of course I would say that since I designed most of the underlying protocol. So apply appropriate amounts of salt. Not necessarily. There is nothing in UPnP that would make your router inherently insecure. The issues with UPnP were always about the implementation rather than the underlying protocol. Of course I would say that since I designed most of the underlying protocol. So apply appropriate amounts of salt.

]]> By: Chris Replogle http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-846 Chris Replogle Sun, 26 Jun 2005 23:49:47 +0000 #comment-846 So is it a security issue if I enable UPNP in my router? So is it a security issue if I enable UPNP in my router?

]]> By: Yaron http://www.goland.org/upnp_security_flaws/comment-page-1/#comment-823 Yaron Thu, 24 Feb 2005 11:36:05 +0000 #comment-823 <br/>There is nothing really UPnP specific in the question, any router that accepts external commands can potentially be subverted. There is nothing really UPnP specific in the question, any router that accepts external commands can potentially be subverted.

]]>