FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 01-18-2008, 06:19 PM
Les
 
Default UPnP attack

Hi, guys,
I just got this from a Tech Republic newsletter:
http://blogs.techrepublic.com.com/tech-news/?p=1902

Basically it notes a form of attack using port forwarding by use of
Flash and Javacode. However, probably other scripting languages could
be used. It is not OS or browser dependent, but rather depends on the
standard protocols of UPnP and and the Flash plug-in programing
capability.

Thought you might be interested.

Regards,
Les H

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 01-18-2008, 08:43 PM
John Summerfield
 
Default UPnP attack

Les wrote:
Hi, guys,
I just got this from a Tech Republic newsletter:

http://blogs.techrepublic.com.com/tech-news/?p=1902

Basically it notes a form of attack using port forwarding by use of
Flash and Javacode. However, probably other scripting languages could
be used. It is not OS or browser dependent, but rather depends on the
standard protocols of UPnP and and the Flash plug-in programing


standard _windows_ protocol. I've not heard of Linux doing it.





--

Cheers
John

-- spambait
1aaaaaaa@coco.merseine.nu Z1aaaaaaa@coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 01-18-2008, 08:56 PM
Alan Cox
 
Default UPnP attack

On Sat, 19 Jan 2008 06:43:59 +0900
John Summerfield <debian@herakles.homelinux.org> wrote:

> Les wrote:
> > Hi, guys,
> > I just got this from a Tech Republic newsletter:
> > http://blogs.techrepublic.com.com/tech-news/?p=1902
> >
> > Basically it notes a form of attack using port forwarding by use of
> > Flash and Javacode. However, probably other scripting languages could
> > be used. It is not OS or browser dependent, but rather depends on the
> > standard protocols of UPnP and and the Flash plug-in programing
>
> standard _windows_ protocol. I've not heard of Linux doing it.

UPnP is a dreadful protocol but its perfectly possible to do it on Linux.
UPnP is an abomination for managing/controlling routers and other devices
so its quite possible your router talks it

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 01-18-2008, 09:22 PM
John Wendel
 
Default UPnP attack

Alan Cox wrote:

On Sat, 19 Jan 2008 06:43:59 +0900
John Summerfield <debian@herakles.homelinux.org> wrote:


Les wrote:
Hi, guys,
I just got this from a Tech Republic newsletter:

http://blogs.techrepublic.com.com/tech-news/?p=1902

Basically it notes a form of attack using port forwarding by use of
Flash and Javacode. However, probably other scripting languages could
be used. It is not OS or browser dependent, but rather depends on the
standard protocols of UPnP and and the Flash plug-in programing

standard _windows_ protocol. I've not heard of Linux doing it.


UPnP is a dreadful protocol but its perfectly possible to do it on Linux.
UPnP is an abomination for managing/controlling routers and other devices
so its quite possible your router talks it




Azureus uses it to automagically open ports on your router (if you let
it).


Best to disable it in your router config.

Regards,

John

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 01-18-2008, 11:10 PM
max
 
Default UPnP attack

John Wendel wrote:

Alan Cox wrote:

On Sat, 19 Jan 2008 06:43:59 +0900
John Summerfield <debian@herakles.homelinux.org> wrote:


Les wrote:

Hi, guys, I just got this from a Tech Republic newsletter:
http://blogs.techrepublic.com.com/tech-news/?p=1902

Basically it notes a form of attack using port forwarding by use of
Flash and Javacode. However, probably other scripting languages could
be used. It is not OS or browser dependent, but rather depends on the
standard protocols of UPnP and and the Flash plug-in programing

standard _windows_ protocol. I've not heard of Linux doing it.


UPnP is a dreadful protocol but its perfectly possible to do it on Linux.
UPnP is an abomination for managing/controlling routers and other devices
so its quite possible your router talks it




Azureus uses it to automagically open ports on your router (if you let it).

Best to disable it in your router config.



Right you are, is used in most of the most popular and common routers.
LinkSys definitely uses it on more than one model.

-Max

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 01-20-2008, 02:48 AM
Lamar Owen
 
Default UPnP attack

On Friday 18 January 2008, John Summerfield wrote:
> standard _windows_ protocol. I've not heard of Linux doing it.

To be perfectly honest, UPnP is quite well supported by the most common Linux
boxes out there.

Linksys WRT54G (and compatible) routers.
--
Lamar Owen
www.pari.edu

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 
Old 01-20-2008, 07:49 PM
John Summerfield
 
Default UPnP attack

Lamar Owen wrote:

On Friday 18 January 2008, John Summerfield wrote:

standard _windows_ protocol. I've not heard of Linux doing it.


To be perfectly honest, UPnP is quite well supported by the most common Linux
boxes out there.


Linksys WRT54G (and compatible) routers.


I thought of that later. However, I did have in mind those running
distros such as Debian, Fedora etc.


--

Cheers
John

-- spambait
1aaaaaaa@coco.merseine.nu Z1aaaaaaa@coco.merseine.nu
-- Advice
http://webfoot.com/advice/email.top.php
http://www.catb.org/~esr/faqs/smart-questions.html
http://support.microsoft.com/kb/555375

You cannot reply off-list:-)

--
fedora-list mailing list
fedora-list@redhat.com
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
 

Thread Tools




All times are GMT. The time now is 01:27 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org