Most Home Routers Vulnerable to Flash UPnP Attack 253
An Anonymous reader noted that some folks at GNU Citizen have been researching
UPNP Vulnerabilities in home routers, and have produced a flash swf file capable of opening open ports into your network simply by visiting an unfortunate URL. Looks like Firefox & Safari users are safe for now.
Turn off UPNP (Score:5, Insightful)
A. Unbox
B. Throw away the disk
C. Plug in your machine, Turn on the router and navigate to the webgui
D. Turn off UPNP
E. ??? (Change default name and password, set WPA, Turn off SSID etc....)
F. Profit...
The point is, I'd always been told to turn off UPNP 'cos sooner or later something is going to open ports that you don't know about.
Open WiFi + this = trouble? (Score:3, Insightful)
Turn off UPnP! (Score:5, Insightful)
Never used it. Never wanted it. Never turned it on. Always turned it off on EVERYTHING. UPnP is the problem here - a simple (unauthenticated) HTTP-style page requested in a browser suddenly starts opening ports to your network. It should not happen. Even my DSL router/wireless router/Linux router has SSL only, passworded access to do anything even approaching opening ports. And if a webpage pops up with an authentication dialog with the header "Wireless Router" and you type in your password, then you're a fool, unless you specifically requested the router's configuration page.
There's rarely even a log of what UPnP has done - which ports it's opened in the past etc. for whom.
Just turn the damn thing off. It's too dangerous.
Re:Turn off UPNP (Score:3, Insightful)
I'm okay with all of that. The only thing I never get is why to turn off the SSID broadcast. If it's well secured, it doesn't matter if they know it's there or not. Besides, I'm pretty sure that just listening to traffic will reveal the presence of a wireless network.
Re:Turn off UPnP! (Score:5, Insightful)
But, agreed, it's scary stuff, if you believe your router ought to be a firewall. What's really needed is for home routers to start implementing authenticated UPnP, and for clients to work with it. (I must admit I've only glanced at the UPnP specs, but I seem to recall seeing references to an authenticated flavour).
Re:Turn off UPNP (Score:3, Insightful)
Anyone who can break into your wifi can probably find your SSID if broadcast is disabled, all you need to do is wait and listen.
Re:Nothing new, really (Score:5, Insightful)
All it takes is to get your nastyness in a bunch of Ad rotations from doubleclick and other scumbag webad companies and you can hose a huge swath of the net.
Re:Open WiFi + this = trouble? (Score:3, Insightful)
Re:Turn off UPNP (Score:3, Insightful)
Er, you 'don't get' the whole 'change default password crap'? Even though you 'usually' look up the password on a 'list of manufacturer default'?
Want to run that by us again? :-)
Re:Turn off UPNP (Score:4, Insightful)
Re:Turn off UPNP (Score:2, Insightful)
Re:Turn off UPNP (Score:1, Insightful)
Re:Nothing new, really (Score:5, Insightful)
Why, look no further than the MyMiniCity/Goatse/2girls1cup links being posted here in every thread! At least one person clicks and ends up warning others. (Either by downmodding or posting.) Why, you just need someone who's curious enough to click.
On the other hand, it requires a bit of work to get someone familiar with malware to click on a 'you just won' banner and download the mystery prize. Don't even get me started on random email attachments following nonsense messages.
Re:Nothing new, really (Score:2, Insightful)
Re:Nothing new, really (Score:3, Insightful)
Re:Turn off UPNP (Score:2, Insightful)
The hidden SSID and WEP encryption is meant as a polite message to white hat hackers that I'd rather they not use my AP as my bandwidth is metered by my ISP.
If you are an asshole who will hack and pwn my AP anyway then you're no better than the thief with the crowbar that smashes car windows to steal CDs and the spare change in coin boxes. If I'm lucky enough to be home as you do this, I'll grab my camera and a baseball bat to record your feats and your license plate, then use the baseball bat to smash your laptop to bits.
//Internet tough guy
Re:Nothing new, really (Score:3, Insightful)
99.9% of the shiit that gets blocked by these programs I don't need/want/miss anyway.
Re:Turn off UPNP (Score:3, Insightful)
Re:Nothing new, really (Score:5, Insightful)
No infections either.
It looks like your doing everything except the simplest solution.
Oh and yes I use UPNP.
Re:Nothing new, really (Score:4, Insightful)
Re:Turn off UPNP (Score:3, Insightful)
From a security perspective, I would never want one of these as, if someone were at my front door trying to pick the lock, they would be obscured from view. I find living in a neighbourhood where there is the appearance that all the neighbours are nosy is far more effective as a form of security.