Re: UPnP attack

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



John Wendel wrote:
Alan Cox wrote:
On Sat, 19 Jan 2008 06:43:59 +0900
John Summerfield <debian@xxxxxxxxxxxxxxxxxxxxxx> wrote:

Les wrote:
Hi, guys,     I just got this from a Tech Republic newsletter:
http://blogs.techrepublic.com.com/tech-news/?p=1902

    Basically it notes a form of attack using port forwarding by use of
Flash and Javacode.  However, probably other scripting languages could
be used.  It is not OS or browser dependent, but rather depends on the
standard protocols of UPnP and and the Flash plug-in programing
standard _windows_ protocol. I've not heard of Linux doing it.

UPnP is a dreadful protocol but its perfectly possible to do it on Linux.
UPnP is an abomination for managing/controlling routers and other devices
so its quite possible your router talks it



Azureus uses it to automagically open ports on your router (if you let it).

Best to disable it in your router config.


Right you are, is used in most of the most popular and common routers.
LinkSys definitely uses it on more than one model.

-Max


[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux