who has largest security hole?

Temmu

Member
Joined
Apr 18, 2012
Posts
436
Location
far reaches of the galaxy, but you knew that...
starting this topic to see whose security hole is bigger.
i bet i win.

upnp
considered a boon to sharing, first data, and now hardware management.
its goal is to connect everything to everything even (especially) across the internet.
upnp site - http://upnp.org/
hundreds of major companies love it - http://upnp.org/membership/list/

upnp on windows
on xp, it is correctly listed in add/remove windows components, network devices, upnp user interface - http://support.microsoft.com/kb/941206
in vista/7/8 microsoft has cleverly hidden the word "upnp" and replaced it with "network discovery"
this link shows that, and how to en/dis able it - http://windows.micro...twork-discovery

so... what's wrong with a little discovery?
this guy, http://www.upnp-hacks.org/contact.html - wrote this -
http://www.upnp-hacks.org/upnp.html about upnp.
plenty to read on his site.

open wrt (some of us use that on routers, yes?) has this coment on upnp
http://wiki.openwrt.org/doc/howto/upnp
(near bottom) "As UPnP provides no authentication mechanisms, it is commonly regarded as one giant security hole."

steve gibson on upnp (old article, utility still works!)
http://www.grc.com/unpnp/unpnp.htm

ok, your turn, is your hole bigger?
 

Has Sysnative Forums helped you? Please consider donating to help us support the site!

Back
Top