On Mon, Oct 06, 2003 at 01:46:27PM +0100, Carlos Santos wrote: > > > Hi, > > I've been trying (on and off, on my spare time) to get my firewall (RedHat > 9 Shrike) to allow MSN, Netmeeting and Yahoo webcam conversations to take > place. I've been keeping up with some of the threads that have been started > lately about this subject and what I would like to know before going any > further is: is UPNP a security risk ? yes, obviously it is. Have you ever looked at the specification? Also read Section 5 of http://linux-igd.sourceforge.net/documentation.php the problem is, that any email worm or whatever malicious current windows virus might be active on one of the computers inside your network can open _any_ port to _any_ machine via uPNP calls to your upnp igd. This is most likely my last message on this totally rediculous mechanism. > Thanks, > Carlos. -- - Harald Welte <laforge@xxxxxxxxxxxxx> http://www.netfilter.org/ ============================================================================ "Fragmentation is like classful addressing -- an interesting early architectural error that shows how much experimentation was going on while IP was being designed." -- Paul Vixie
Attachment:
pgp00606.pgp
Description: PGP signature
