Homeland Security: Disable UPnP, as tens of millions at risk
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11122
Location: Arizona USA

PostPosted: Tue 29 Jan 2013, 22:53    Post_subject:  Homeland Security: Disable UPnP, as tens of millions at risk  

Homeland Security: Disable UPnP, as tens of millions at risk
Quote:
UPnP, or Universal Plug and Play, allows devices that connect to networks, to communicate seamlessly with one another and discover each other's presence. Devices can then connect over a network to share files, print documents, and access other shared resources.

"Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices," the U.S. Computer Emergency Readiness Team (US-CERT) said in a note published today.

"US-CERT recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities."

It is understood from Rapid7's findings that there are numerous bugs with the protocol, which could ultimately put at risk tens of millions of networked devices—especially those connected directly to the Internet.

It then warns to "disable UPnP (if possible)," along with restricting networking protocols and ports, including Simple Service Discovery Protocol (SSDP) and Simple Object Access Protocol (SOAP) services from untrusted networks, including the Internet.

The risk is that hackers could "execute arbitrary code on the device or cause a denial of service," or in other words: install malware on your computer and/or run it as part of a botnet.

Along with this, hackers could access confidential documents, steal usernames and passwords, take over PCs, and remotely access networked devices, such as webcams, printers, televisions, security systems, and other devices plugged in or wireless connected to networks.

Most networking devices in fact use UPnP, including computers running Windows, Apple's OS X, and Linux. Many mobile devices also use UPnP to print to wireless or networked printers.
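An added example, not from the post or the quoted article: one way to inventory UPnP responders on your own LAN and compare any libupnp version they advertise against the 1.6.18 release named in the US-CERT note. It assumes the device reports the usual `Portable SDK for UPnP devices/x.y.z` token in its SSDP `SERVER` header; the function names and the sample responses are constructed for illustration.

```python
import re
import socket

FIXED = (1, 6, 18)  # libupnp release the US-CERT note says addresses the bugs
SSDP_ADDR = ("239.255.255.250", 1900)  # standard SSDP multicast group and port
M_SEARCH = (b"M-SEARCH * HTTP/1.1\r\nHOST: 239.255.255.250:1900\r\n"
            b'MAN: "ssdp:discover"\r\nMX: 2\r\nST: upnp:rootdevice\r\n\r\n')
# Assumption: libupnp announces itself with this product token in SERVER.
SDK_RE = re.compile(r"Portable SDK for UPnP devices/(\d+(?:\.\d+)*)", re.I)
# Constructed sample responses (not captured from real devices).
SAMPLE_OLD = (b"HTTP/1.1 200 OK\r\nSERVER: Linux/2.6.32 UPnP/1.0 "
              b"Portable SDK for UPnP devices/1.6.6\r\nST: upnp:rootdevice\r\n\r\n")
SAMPLE_FIXED = (b"HTTP/1.1 200 OK\r\nServer: Linux/3.2 UPnP/1.0 "
                b"Portable SDK for UPnP devices/1.6.18\r\n\r\n")
SAMPLE_OTHER = b"HTTP/1.1 200 OK\r\nSERVER: ExampleOS/1.0 UPnP/1.0 ExampleStack/2.0\r\n\r\n"


def parse_headers(raw: bytes) -> dict:
    """Parse an SSDP (HTTP-over-UDP) response into a lower-cased header dict."""
    headers = {}
    for line in raw.decode("latin-1").splitlines()[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return headers


def libupnp_status(raw: bytes):
    """Return (version, needs_update); (None, False) if no libupnp token is seen."""
    m = SDK_RE.search(parse_headers(raw).get("server", ""))
    if not m:
        return None, False
    version = tuple(int(part) for part in m.group(1).split("."))
    return m.group(1), version < FIXED


def discover(timeout: float = 3.0):
    """Send one M-SEARCH on the local network; yield (ip, version, needs_update)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        s.sendto(M_SEARCH, SSDP_ADDR)
        try:
            while True:
                data, (ip, _port) = s.recvfrom(65507)
                yield (ip, *libupnp_status(data))
        except socket.timeout:
            return
```

Iterate over `discover()` from a machine on the network you administer to list responders. A device that hides or rewrites its `SERVER` string will not be flagged, so a clean result is not proof of a patched stack.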
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Wed 30 Jan 2013, 00:27    Post_subject:  

Thanks. There's a simple switch at grc.com that worked nicely on my XP computer.
8-bit


Joined: 03 Apr 2007
Posts: 3382
Location: Oregon

PostPosted: Wed 30 Jan 2013, 01:18    Post_subject:  

Of course, you realize that most computer users will not know jack about how to disable UPnP and will only get the updated one through a Windows update, a downloadable executable update utility, or specific information on how to disable UPnP.
Barkin


Joined: 12 Aug 2011
Posts: 729

PostPosted: Wed 30 Jan 2013, 02:58    Post_subject:  

jpeps wrote:
... There's a simple switch at grc.com that worked nicely on my XP computer.

Wouldn't grc's "shield's up" reveal this type of weakness ? ... https://en.wikipedia.org/wiki/Shields_Up
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Wed 30 Jan 2013, 04:03    Post_subject:  

Barkin wrote:
jpeps wrote:
... There's a simple switch at grc.com that worked nicely on my XP computer.

Wouldn't grc's "shield's up" reveal this type of weakness ? ... https://en.wikipedia.org/wiki/Shields_Up


No. From Shields_Up, download "UnPlug n' Pray" from the freeware/security tab (Windows only).
8-bit


Joined: 03 Apr 2007
Posts: 3382
Location: Oregon

PostPosted: Wed 30 Jan 2013, 04:22    Post_subject:  

The direct link to the UnPlug and Pray file is https://www.grc.com/unpnp/unpnp.htm.
This file is for disabling UPnP in all versions of Windows with the option to re-enable UPnP.
It is NOT for Linux.
prehistoric


Joined: 23 Oct 2007
Posts: 1302

PostPosted: Wed 30 Jan 2013, 11:29    Post_subject:  

Are we in a time warp? Security problems with UPnP have been around -- and known -- since at least the introduction of Windoze XP. Here's a site which has existed for a looong time.

Note: He presented a paper at a conference in 2006! This was not simply an academic vulnerability; the Conficker worm, with which many of us have had a tussle, exploited this hole years ago.
Q5sys


Joined: 11 Dec 2008
Posts: 1073

PostPosted: Wed 30 Jan 2013, 11:34    Post_subject:  

Problem is, most PC users WANT this kind of feature. They don't want to have to mount a drive. So I think this advice will not be followed by most people.
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Wed 30 Jan 2013, 12:56    Post_subject:  

Q5sys wrote:
Problem is, most PC users WANT this kind of feature. They don't want to have to mount a drive. So I think this advice will not be followed by most people.


I didn't notice it affecting anything on the XP...still mounts flashdrives the same. Maybe there are some devices that use it. The vulnerability was announced by Microsoft back in December of 2001.
Q5sys


Joined: 11 Dec 2008
Posts: 1073

PostPosted: Wed 30 Jan 2013, 13:31    Post_subject:  

jpeps wrote:
Q5sys wrote:
Problem is, most PC users WANT this kind of feature. They don't want to have to mount a drive. So I think this advice will not be followed by most people.


I didn't notice it affecting anything on the XP...still mounts flashdrives the same. Maybe there are some devices that use it. The vulnerability was announced by Microsoft back in December of 2001.


I kinda overgeneralized there... Auto mount is built on top of PnP. After all, the computer has to recognize that the USB device IS a drive in order to mount it. Automount is the vector used for most of the USB viruses.

As for PnP, it covers the ability to be able to plug a device into your computer and have your computer know what it is. If you go back to say Win 95 and before... you could plug in hardware, but the computer wouldn't even know it was there until you installed the drivers and program, then told the computer where to go for the device.

Referencing Win XP: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/pnp_overview.mspx?mfr=true

rcrsn51


Joined: 05 Sep 2006
Posts: 9207
Location: Stratford, Ontario

PostPosted: Wed 30 Jan 2013, 13:48    Post_subject:  

The issue here is not about PnP. It's uPnP, which really should have been named "Network Plug'nPlay".

Your network probably has devices with built-in web servers, like your router or networked printers. Ordinarily, you would access the device by launching your web browser and entering the IP address of the device.

In XP, open My Network Places. One of the tasks is "Show icons for networked uPnP devices". This will open a port in your firewall so Windows can now access these devices directly by clicking an icon.

Supposedly, this open port is now a point of vulnerability. But I suspect that the real issue is what your router is doing. Is it also exposing these uPnP devices to the WAN?
Wognath

Joined: 19 Apr 2009
Posts: 183

PostPosted: Wed 30 Jan 2013, 15:15    Post_subject:  

Quote:
Using UPnP to stream media between computers in your own house does not require UPnP to be enabled on your router, nor does it pose any security risk.
http://lifehacker.com/5803975
Am I right in concluding that if UPnP is disabled on the wireless router of a home network, there is no need to disable it on the computers?
gcmartin

Joined: 14 Oct 2005
Posts: 4368
Location: Earth

PostPosted: Wed 30 Jan 2013, 22:43    Post_subject:  

Wognath wrote:
Quote:
Using UPnP to stream media between computers in your own house does not require UPnP to be enabled on your router, nor does it pose any security risk.
http://lifehacker.com/5803975
Am I right in concluding that if UPnP is disabled on the wireless router of a home network, there is no need to disable it on the computers?
YES!

UPnP is a method for devices you purchase to use the LAN most often to sometimes send to a vendor's website.

If it's shut off at the router, when a PC or device attempts to use it for discovery it cannot work.

Again, as @Rcrsn51 points out, correctly, this is a LAN-related issue and, excepting in some very odd networks, requires router participation to operate.

Further understanding of the uses and benefits and drawbacks can be found here.

Hope this helps

Wognath

Joined: 19 Apr 2009
Posts: 183

PostPosted: Thu 31 Jan 2013, 02:27    Post_subject:  

Thanks, gcmartin, very helpful.
jpeps

Joined: 31 May 2008
Posts: 3220

PostPosted: Thu 31 Jan 2013, 03:02    Post_subject:  

Quote:

You’ve probably never checked whether your Internet router is set by default to use a harmless-sounding protocol called Universal Plug and Play. If it does, now’s a good time to turn it off.


http://www.forbes.com/sites/andygreenberg/2013/01/29/disable-a-protocol-called-upnp-on-your-router-now-to-avoid-a-serious-set-of-security-bugs/