[Security] client-to-client security :: Summary and todo's

Dirk Meyer dmeyer at tzi.de
Sat Aug 23 13:32:27 CDT 2008


Pavel Simerda wrote:
> On Sat, 23 Aug 2008 18:21:38 +0200
> Dirk Meyer <dmeyer at tzi.de> wrote:
>> UPnP is a working choice, but bad. Just google for it.
>
> I know what UPnP is.

I mean: google why it is a bad choice :) See below

>> Since it is based on HTTP attackers found a way to open ports on
>> your router.
>
> Please be more precise, this is not a useful piece of information at
> all.

OK. UPNp uses HTTP. If an attacker knows your router IP address (in
many cases 192.168.1.1) he can use your browser to open port
forwarding on your router so you expose services (windows has a lot of
services that should be closed to the outside).

First link I found using google:
http://www.haveyougotwoods.com/archive/2008/01/15/common-home-router-exploit-upnp-enabled-routers-only.aspx

>> Besides that, I do not like the idea that every app can open ports.
>
> This is how TCP/IP works. Any application may open a socket and talk
> to the internet.
>
> Jabber won't work if a jabber client can't open a socket.
>
> Again, please be more precise so others understand what security
> issues you actually mean.

Sorry, I mean listening ports. A NAT is a poor mans firewall because
you can't address a machine behind it. That makes it a simple firewall
and nothing can connect to your PC, stuff can only connect to the
outside. IMHO this is very usefull for normal people. When setting up
a network for other people I a) make sure UPnP is tured off and b)
make sure only the needed ports are forwarded (which is only one port
I need to get on the machine to fix it because the user broke it).


Dirk

-- 
.sdrawkcab dootsrednu tub sdrawrof devil si efiL


More information about the Security mailing list