Ask a new question

Homeland Security says Turn Off UPnP: What to do? Please advise.

Homeland Security and the more influential US-CERT say turn off UPnP. NOT KIDDING.

 

http://www.zdnet.com/homeland-security-disable-upnp-as-tens-of-millions-at-risk-7000010512/

 

http://www.us-cert.gov/current/#cert_releases_upnp_security_advisory

 

 

How shall we connect multiple Xboxen to our networks without UPnP? Please advise.

Google - UPnP risk And you'll see that this information is not new to date and therefor, comes as no surprise. This is also why some vendors choose to have UPnP disabled by default.

You should also read: http://www.kb.cert.org/vuls/id/922681 

The impossible just takes a little longer

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

"A remote, unauthenticated attacker may be able to execute arbitrary code on the device or cause a denial of service." Love it.

 

So we know as per the weblink above fixes are needed for routers from Cisco/Linksys, D-Link, Fujitsu, Huawei, ipitomy, NEC, Siemens and Sony, and that we don't know about Belkin and other router and gateway makers.  

 

Until we know those routers have fixed the security hole, we need to 'deploy firewall rules to block untrusted hosts from being able to access port 1900/udp'.

Was this reply helpful?

Sorry this didn't help.

Great! Thanks for your feedback.

How satisfied are you with this reply?

Thanks for your feedback, it helps us improve the site.

How satisfied are you with this reply?

Thanks for your feedback.

 
 

Question Info

Last updated August 18, 2021 Views 35 Applies to: