Solved

Check your router now, before Lex Luthor does Universal Plug and Play (UPnP).

  • 7 February 2013
  • 3 replies
  • 957 views

Userlevel 7
Badge +56
If you have a Router this article is for you! The Department of Homeland security, in conjunction with Rapid7, has issued another warning (Vulnerability Note VU#922681) that everyone using the Internet needs to be aware of. The last warning that broke out of nerdville into the mainstream media involved Java. In that case, simply viewing a web page could result in a computer being infected with a virus. This warning is arguably worse, because the victim doesn't need to do anything. Even if all your computers and tablets are turned off, a bad guy may now be able to get into your router and re-configure it or crash it. Re-configuring can allow the bad guys into your Local Area Network (LAN) or, it can prevent machines on the inside from getting out to the Internet.  The problem lies with a networking communication protocol called Universal Plug and Play (UPnP). UPnP was designed for internal use only. That is, it was only meant to be used inside a LAN. UPnP was never intended to be used on the Internet. It has no security, not even passwords. Yet, CERT and Daniel Garcia warned, back in 2011, that a number of devices were mis-configured and talking UPnP over the Internet. It's as if a surgeon operated on the wrong leg. 
Full Article
 
And to Test from from Rapid7 and click on Scan My Router. 


Also GRC has a Test just click on Proceed and click on the Button.


 
TH
icon

Best answer by RetiredTripleHelix 7 February 2013, 21:30

View original

3 replies

Userlevel 4
Badge +13
Interesting, pretty useful... I'm clean! :)

Thank you TH!
Userlevel 7
Badge +56
Your very welcome uvox! ;)
 
TH
Userlevel 7
Thanks for the links TH. Tested Clean on both. 😉

Reply