For the non-tech-minded, click this link and follow the on-screen instructions: Universal Plug and Play Check by Rapid7
Some background:
The Department of Homeland Security, in conjunction with Rapid7, has issued another warning (Vulnerability Note VU#922681) that everyone using the Internet needs to be aware of.
The last warning that broke out of nerdville into the mainstream media involved Java. In that case, simply viewing a web page could result in a computer being infected with a virus. This warning is arguably worse, because the victim doesn't need to do anything.
Even if all your computers and tablets are turned off, a bad guy may now be able to get into your router and re-configure it or crash it. Re-configuring can allow the bad guys into your Local Area Network (LAN), or it can prevent machines on the inside from getting out to the Internet.
The problem lies with a networking communication protocol called Universal Plug and Play (UPnP). UPnP was designed for internal use only. That is, it was only meant to be used inside a LAN.
UPnP was never intended to be used on the Internet. It has no security, not even passwords. Yet, CERT and Daniel Garcia warned, back in 2011, that a number of devices were mis-configured and talking UPnP over the Internet. It's as if a surgeon operated on the wrong leg.
Now, we have a report from Rapid7 documenting a large number of bugs in the UPnP coding. No doubt, some of these UPnP bugs exist in LAN-resident devices (printers, Network Attached Storage, game consoles) but, no big woop, since they can't be exploited by a bad guy halfway around the world.
The real danger comes from routers and broadband modems that can be accessed over the Internet. Rapid7 spent months scanning the entire Internet multiple times.
They found over 80 million computing devices respond to UPnP queries over the Internet. There should be none...
[continues]