Your forum username:
Do you already have an account?
Forgot your password?
  • Log in or Sign up


    Welcome to Sky User - The Unofficial Support Forum for everything Sky! - Proudly helping over 65k members.


    Advertisement

    Page 3 of 3 FirstFirst 123
    Results 21 to 23 of 23

    Massive UPnP Security Issue - Sky router affected?

    This is a discussion on Massive UPnP Security Issue - Sky router affected? within the Sky Router forums, part of the Sky Broadband help category; Something else to add to my ever growing ToDo list then!...

    1. #21
      speedyrite's Avatar
      speedyrite is offline Sky User Member
      Exchange: MYHGT
      Broadband ISP: NOW Broadband
      Router: NOW TV Hub Two
      Sky TV: NOW TV
      Join Date
      Sep 2006
      Posts
      2,360
      Thanks
      382
      Thanked 160 Times in 154 Posts
      Blog Entries
      1
      Something else to add to my ever growing ToDo list then!
      ++ speedyrite ... powered by NOW Broadband from June 2018 ++
      (previously powered by Sky Broadband from July 2007)


    2. Advertisement
    3. #22
      speedyrite's Avatar
      speedyrite is offline Sky User Member
      Exchange: MYHGT
      Broadband ISP: NOW Broadband
      Router: NOW TV Hub Two
      Sky TV: NOW TV
      Join Date
      Sep 2006
      Posts
      2,360
      Thanks
      382
      Thanked 160 Times in 154 Posts
      Blog Entries
      1

      Re: Massive UPnP Security Issue - Sky router affected?

      Quote Originally Posted by itype View Post
      Tried the test on SR101 from a mac, no issues and came back clean.
      Ditto here. I have also used ShieldsUP! to probe ports 1900, 2869 and 5500 - all got status "Stealth".


      Universal Plug n'Play (UPnP)
      Internet Exposure Test
      This Internet probe sends up to ten (10) UPnP Simple Service Discovery Protocol (SSDP) M-SEARCH UDP packets, one every half-second, to our visitor's current IPv4 address (176.252.127.33) in an attempt to solicit a response from any publicly exposed and listening UPnP SSDP service. The UPnP protocols were never designed to be exposed to the public Internet, and any Internet-facing equipment which does so should be considered defective, insecure, and unusable. Any such equipment should be disconnected immediately.
      Your equipment at IP:


      Is now being queried:







      THE EQUIPMENT AT THE TARGET IP ADDRESS
      DID NOT RESPOND TO OUR UPnP PROBES!

      (That's good news!)
      There is no question whether hackers are, in fact, currently sweeping the Internet for the presence of exposed devices—in order to gain access to the private networks residing behind them. Just such hacking packets are now being detected within uncommitted “honey pot” blocks of IPv4 addresses. Scanning is underway and the threat is real.
      Whenever changes are made to your network configuration, and also from time to time just to be sure, you should consider re-running this quick test to confirm that your Internet-facing equipment is continuing to ignore all attempts at its subversion though the Universal Plug n'Play (UPnP) protocols.
      What results are possible?
      It's natural to wonder what other results might have been shown if your Internet equipment were different. So to satisfy that curiosity, here are three sample screens showing each of this test's three possible outcomes:

      About UPnP and what this means . . .
      We wanted to get this UPnP Exposure Testing facility on the air as soon as possible. So this supplemental material will be written and provided shortly.
      In the meantime, the recent episode of Security Now! (#389) covered this in great detail. Until we are able to get more posted here, you are invited to check out the video on YouTube:

      https://www.youtube.com/watch?v=wEa43qM4JjQ



      Last edited by speedyrite; 01-02-13 at 06:56 PM.
      ++ speedyrite ... powered by NOW Broadband from June 2018 ++
      (previously powered by Sky Broadband from July 2007)

    4. #23
      Tezcatlipoca's Avatar
      Tezcatlipoca is offline Sky User Moderator
      Exchange: Cambridge (EACAM)
      Broadband ISP: Sky Fibre Unlimited Pro
      Router: Sky Hub SR101
      Sky TV: Sky+HD box
      Join Date
      Feb 2007
      Location
      Cambridge
      Posts
      855
      Thanks
      13
      Thanked 7 Times in 7 Posts

      Re: Massive UPnP Security Issue - Sky router affected?

      Quote Originally Posted by Isitme View Post
      I don't know anything about Macs but that may be because it is preinstalled on Mac OSs, at least this article seems to suggest that-
      https://community.rapid7.com/docs/DOC-1037

      I get the impression this does the same sort of job .Net does on Windows, but as I said my knowledge of Macs is nil.

      The only thing that may be pre-installed is Ruby, a programming language.

      Going by that article, you also need to...

      - Install Xcode (the Apple IDE for developing for OS X and iOS)

      - Install MacPorts (dunno what that is)

      - Install newer version of Ruby

      - Install a database

      And finally...

      - Install the Metasploit framework



      Not quite as simple as it appears to be from the main article about the vulnerability, nor 3rd party articles about it, which all basically say "Mac users can just install Metasploit from here".


      I'll just use the web scanner and the GRC equivalent!

     

     
    Page 3 of 3 FirstFirst 123

    Tags for this Thread

    Posting Permissions

    • You may not post new threads
    • You may not post replies
    • You may not post attachments
    • You may not edit your posts
    •  
    SkyUser - Copyright © 2006-2020. SatDish and NewsreadeR | SkyUser is in no way affiliated with Sky Broadband / BSkyB
    RIPA NOTICE: NO CONSENT IS GIVEN FOR INTERCEPTION OF PAGE TRANSMISSION