1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

UPNP vulnerability - Run this test

Discussion in 'Tech Talk - Gadgets, Gizmos and Technology' started by dpeters11, Feb 1, 2013.

  1. Feb 1, 2013 #1 of 17
    dpeters11

    dpeters11 Hall Of Fame

    16,322
    500
    May 30, 2007
    Cincinnati
    It seems a lot of systems have UPNP open improperly to the outside. This should never have been allowed, and is a major issue.

    This is an easy test, written by Steve Gibson, where his site checks to see if you are vulnerable:
    http://www.grc.com/default.htm

    Under Services, go to ShieldsUp!, click Proceed then the UPnP exposure test. If it's exposed to the Internet, then the entire internal network is at risk. It will accept pretty much any command without authentication, including opening ports etc.
     
  2. Feb 1, 2013 #2 of 17
    hdtvfan0001

    hdtvfan0001 Well-Known Member

    32,456
    258
    Jul 28, 2004
    Thanks for sharing...

    Good to know things passed here.
     
  3. Feb 1, 2013 #3 of 17
    dpeters11

    dpeters11 Hall Of Fame

    16,322
    500
    May 30, 2007
    Cincinnati
    He tweeted that going through his logs (that don't store IP), OpenWRT is vulnerable, which is surprising.
     
  4. Feb 1, 2013 #4 of 17
    dsw2112

    dsw2112 Always Searching

    1,938
    0
    Jun 12, 2009
    Thanks for the link. All good here.
     
  5. Feb 1, 2013 #5 of 17
    dennisj00

    dennisj00 Hall Of Fame

    9,688
    194
    Sep 27, 2007
    Lake Norman, NC
    Thanks! DD-WRT good here on a Linksys dual band.
     
  6. Feb 1, 2013 #6 of 17
    Richierich

    Richierich Hall Of Fame

    8,489
    7
    Jan 10, 2008
    Everything looking good here also using Linksys WRT610N Dual Band Router. :)
     
  7. Cholly

    Cholly Old Guys Rule! DBSTalk Club

    4,900
    51
    Mar 22, 2004
    Indian...
    Ran the test this morning and also checked common ports, ets. All passed--my computer is in full Stealth mode. As always, thanks to Steve Gibson for his security efforts.
    The UPnP vulnerability was one of the subjects discussed last week on TWIT network's "This Week in Tech". Gibson has a weekly show on TWIT as well.
     
  8. MysteryMan

    MysteryMan Well-Known Member DBSTalk Club

    8,456
    515
    May 17, 2010
    USA
    All good here. Thanks dpeters11.
     
  9. hilmar2k

    hilmar2k Hall Of Fame

    5,251
    4
    Mar 18, 2007
    I remember running that years ago (maybe 15). Haven't run it in a long time. Actually surprised it still exists.
     
  10. dpeters11

    dpeters11 Hall Of Fame

    16,322
    500
    May 30, 2007
    Cincinnati
    Steve was talking about how long ago he wrote the original code. It's still valid, especially with this addition. People have even found his one commercial product, that was released 8 years ago, even works on certain levels with Solid State drives.
     
  11. ronton3

    ronton3 AllStar

    92
    2
    Mar 15, 2006
    I have a Mac and it shows good, also interesting about the IP address. Thanks ron
     
  12. coolman302003

    coolman302003 2014 NBA CHAMPIONS!

    1,810
    96
    Jun 2, 2008
    Southeast
    Everything passed here; using a Netgear WNDR3700 router.
     
  13. dpeters11

    dpeters11 Hall Of Fame

    16,322
    500
    May 30, 2007
    Cincinnati
    I'd expect that from them.
     
  14. scooper

    scooper Hall Of Fame

    6,300
    33
    Apr 22, 2002
    Youngsville NC
    Good here too. (netgear WNDR3700 with Sam Knows software).
     
  15. skinnyJM

    skinnyJM Legend

    122
    0
    Nov 19, 2005
    DFW DMA
    THE EQUIPMENT AT THE TARGET IP ADDRESS
    DID NOT RESPOND TO OUR UPnP PROBES!

    :)
     
  16. Marlin Guy

    Marlin Guy Hall Of Fame

    2,129
    7
    Apr 8, 2009
    I got midget porn pop-ups. Is that normal?
     
  17. houskamp

    houskamp Active Member

    8,636
    3
    Sep 14, 2006
    close the other window 1st :hurah:
     

Share This Page