Homeland Security: Disable UPnP, as tens of millions at risk
Flash
Official Dog Handler


Joined: 04 May 2005
Posts: 11079
Location: Arizona USA

Posted: Tue 29 Jan 2013, 22:53    Post subject: Homeland Security: Disable UPnP, as tens of millions at risk

Homeland Security: Disable UPnP, as tens of millions at risk
Quote:
UPnP, or Universal Plug and Play, allows devices that connect to networks, to communicate seamlessly with one another and discover each other's presence. Devices can then connect over a network to share files, print documents, and access other shared resources.

"Multiple vulnerabilities have been announced in libupnp, the open source portable SDK for UPnP devices. Libupnp is employed by hundreds of vendors for UPnP-enabled devices," the U.S. Computer Emergency Readiness Team (US-CERT) said in a note published today.

"US-CERT recommends that affected UPnP device vendors and developers obtain and employ libupnp version 1.6.18, which addresses these vulnerabilities."

It is understood from Rapid7's findings that there are numerous bugs with the protocol, which could ultimately put at risk tens of millions of networked devices—especially those connected directly to the Internet.

It then warns to "disable UPnP (if possible)," along with restricting networking protocols and ports, including Simple Service Discovery Protocol (SSDP) and Simple Object Access Protocol (SOAP) services from untrusted networks, including the Internet.

The risk is that hackers could "execute arbitrary code on the device or cause a denial of service," or in other words: install malware on your computer and/or run it as part of a botnet.

Along with this, hackers could access confidential documents, steal usernames and passwords, take over PCs, and remotely access networked devices, such as webcams, printers, televisions, security systems, and other devices plugged in or wirelessly connected to networks.

Most networking devices in fact use UPnP, including computers running Windows, Apple's OS X, and Linux. Many mobile devices also use UPnP to print to wireless or networked printers.
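
Added example (not part of the thread or the quoted article): one way to act on the US-CERT advice above on your own LAN is to compare the libupnp version a device reports in the SERVER header of its SSDP reply against 1.6.18. The replies and 192.0.2.x addresses are constructed samples, and the function names are illustrative.

```python
import re

FIXED = (1, 6, 18)  # libupnp release US-CERT names as the fix

# Constructed sample SSDP replies (not captured from real devices).
SAMPLE_REPLIES = [
    ("192.0.2.10", "HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\n"
     "SERVER: Linux/2.6.21, UPnP/1.0, Portable SDK for UPnP devices/1.6.6\r\n"
     "ST: upnp:rootdevice\r\n\r\n"),
    ("192.0.2.11", "HTTP/1.1 200 OK\r\nServer: Linux/3.4 UPnP/1.0 "
     "Portable SDK for UPnP devices/1.6.18\r\nST: upnp:rootdevice\r\n\r\n"),
    ("192.0.2.12", "HTTP/1.1 200 OK\r\n"
     "SERVER: ExampleOS/1.0 UPnP/1.0 ExampleStack/2.3\r\n\r\n"),
    ("192.0.2.13", "HTTP/1.1 200 OK\r\nST: upnp:rootdevice\r\n\r\n"),
]

# Product token libupnp uses to identify itself in the SERVER header.
SDK_RE = re.compile(r"Portable SDK for UPnP devices/(\d+(?:\.\d+)*)", re.I)

def server_header(reply):
    """Return the SERVER header value of an SSDP reply, or None."""
    for line in reply.split("\r\n")[1:]:  # skip the status line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "server":
            return value.strip()
    return None

def classify(reply):
    """Return (status, reported_version) for one SSDP reply."""
    server = server_header(reply)
    if server is None:
        return ("no-server-header", None)
    match = SDK_RE.search(server)
    if not match:
        return ("other-stack", None)
    version = tuple(int(part) for part in match.group(1).split("."))
    padded = version + (0,) * (3 - len(version))  # "1.6" compares as 1.6.0
    status = "outdated-libupnp" if padded < FIXED else "patched-libupnp"
    return (status, match.group(1))

def audit(replies):
    """Map each responding address to its classification."""
    return {addr: classify(text) for addr, text in replies}

if __name__ == "__main__":
    for addr, (status, version) in audit(SAMPLE_REPLIES).items():
        print(f"{addr:12} {status:18} {version or '-'}")
```

The SERVER value is self-reported, so a missing or non-libupnp string means the device needs checking by other means, not that it is unaffected.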
jpeps

Joined: 31 May 2008
Posts: 3220

Posted: Wed 30 Jan 2013, 00:27

Thanks. There's a simple switch at grc.com that worked nicely on my XP computer.

8-bit

Joined: 03 Apr 2007
Posts: 3368
Location: Oregon

Posted: Wed 30 Jan 2013, 01:18

Of course, you realize that most computer users will not know jack about how to disable UPnP and will only get the updated one through a Windows update, a downloadable executable update utility, or specific information on how to disable UPnP.

Barkin

Joined: 12 Aug 2011
Posts: 724

Posted: Wed 30 Jan 2013, 02:58

jpeps wrote:
... There's a simple switch at grc.com that worked nicely on my XP computer.

Wouldn't grc's "Shields Up" reveal this type of weakness? ... https://en.wikipedia.org/wiki/Shields_Up

jpeps

Joined: 31 May 2008
Posts: 3220

Posted: Wed 30 Jan 2013, 04:03

Barkin wrote:
jpeps wrote:
... There's a simple switch at grc.com that worked nicely on my XP computer.

Wouldn't grc's "Shields Up" reveal this type of weakness? ... https://en.wikipedia.org/wiki/Shields_Up


No. From Shields_Up, download "UnPlug n' Pray" from the freeware/security tab (Windows only).

8-bit

Joined: 03 Apr 2007
Posts: 3368
Location: Oregon

Posted: Wed 30 Jan 2013, 04:22

The direct link to the UnPlug and Pray file is https://www.grc.com/unpnp/unpnp.htm.
This file is for disabling UPnP in all versions of Windows, with the option to re-enable UPnP.
It is NOT for Linux.

prehistoric

Joined: 23 Oct 2007
Posts: 1282

Posted: Wed 30 Jan 2013, 11:29

Are we in a time warp? Security problems with UPnP have been around -- and known -- since at least the introduction of Windoze XP. Here's a site which has existed for a looong time.

Note: He presented a paper at a conference in 2006! This was not simply an academic vulnerability; the Conficker worm, with which many of us have had a tussle, exploited this hole years ago.

Q5sys

Joined: 11 Dec 2008
Posts: 1066

Posted: Wed 30 Jan 2013, 11:34

Problem is most PC users WANT this kind of feature. They don't want to have to mount a drive. So I think this advice will not be followed by most people.

jpeps

Joined: 31 May 2008
Posts: 3220

Posted: Wed 30 Jan 2013, 12:56

Q5sys wrote:
Problem is most PC users WANT this kind of feature. They don't want to have to mount a drive. So I think this advice will not be followed by most people.


I didn't notice it affecting anything on the XP...still mounts flashdrives the same. Maybe there are some devices that use it. The vulnerability was announced by Microsoft back in December of 2001.

Q5sys

Joined: 11 Dec 2008
Posts: 1066

Posted: Wed 30 Jan 2013, 13:31

jpeps wrote:
Q5sys wrote:
Problem is most PC users WANT this kind of feature. They don't want to have to mount a drive. So I think this advice will not be followed by most people.


I didn't notice it affecting anything on the XP...still mounts flashdrives the same. Maybe there are some devices that use it. The vulnerability was announced by Microsoft back in December of 2001.


I kinda overgeneralized there... Auto mount is built on top of PnP. After all, the computer has to recognize that the USB device IS a drive in order to mount it. Automount is the vector used for most of the USB viruses.

As for PnP, it covers the ability to be able to plug a device into your computer and your computer knows what it is. If you go back to say Win 95 and before... you could plug in hardware, but the computer wouldn't even know it was there until you installed the drivers and program, then told the computer where to go for the device.

Referencing Win XP: http://www.microsoft.com/resources/documentation/windows/xp/all/proddocs/en-us/pnp_overview.mspx?mfr=true


rcrsn51

Joined: 05 Sep 2006
Posts: 9141
Location: Stratford, Ontario

Posted: Wed 30 Jan 2013, 13:48

The issue here is not about PnP. It's uPnP, which really should have been named "Network Plug'nPlay".

Your network probably has devices with built-in web servers, like your router or networked printers. Ordinarily, you would access the device by launching your web browser and entering the IP address of the device.

In XP, open My Network Places. One of the tasks is "Show icons for networked uPnP devices". This will open a port in your firewall so Windows can now access these devices directly by clicking an icon.

Supposedly, this open port is now a point of vulnerability. But I suspect that the real issue is what your router is doing. Is it also exposing these uPnp devices to the WAN?

Wognath

Joined: 19 Apr 2009
Posts: 179

Posted: Wed 30 Jan 2013, 15:15

Quote:
Using UPnP to stream media between computers in your own house does not require UPnP to be enabled on your router, nor does it pose any security risk.
http://lifehacker.com/5803975
Am I right in concluding that if UPnP is disabled on the wireless router of a home network, there is no need to disable it on the computers?

gcmartin

Joined: 14 Oct 2005
Posts: 4288
Location: Earth

Posted: Wed 30 Jan 2013, 22:43

Wognath wrote:
Quote:
Using UPnP to stream media between computers in your own house does not require UPnP to be enabled on your router, nor does it pose any security risk.
http://lifehacker.com/5803975
Am I right in concluding that if UPnP is disabled on the wireless router of a home network, there is no need to disable it on the computers?
YES!

UPnP is a method for devices you purchase to use the LAN most often to sometimes send to a vendor's website.

If it's shutoff at the router, when a PC or device attempts to use it for discovery it cannot work.

Again, as @Rcrsn51 points out, correctly, this is a LAN-related issue and, excepting in some very odd networks, requires router participation to operate.

Further understanding of the uses and benefits and drawbacks can be found here.

Hope this helps


Wognath

Joined: 19 Apr 2009
Posts: 179

Posted: Thu 31 Jan 2013, 02:27

Thanks, gcmartin, very helpful.

jpeps

Joined: 31 May 2008
Posts: 3220

Posted: Thu 31 Jan 2013, 03:02

Quote:

You’ve probably never checked whether your Internet router is set by default to use a harmless-sounding protocol called Universal Plug and Play. If it does, now’s a good time to turn it off.


http://www.forbes.com/sites/andygreenberg/2013/01/29/disable-a-protocol-called-upnp-on-your-router-now-to-avoid-a-serious-set-of-security-bugs/