SECURITY ALERT: Universal Plug and Play Vulnerability - Comments Page 1

Category: Security



All Comments on: "SECURITY ALERT: Universal Plug and Play Vulnerability"

Comment Page: 1 |  2 

Posted by:

Daniel
31 Jan 2013

UPnP sure makes connecting to new printers or other hardware much easier. If we turn it off now, could we just temporarily turn it on in the future just long enough to get some hardware set up then turn it off again? I may be waaaaaay confused on how UPnP works.

Posted by:

Mike B
31 Jan 2013

Tried to run the router scan. Wheel went round and round. It said the scan should complete within 30 seconds. I closed the window after five minutes.

Tried to download the Windows scan. Downloaded but would not run.

Great company there.

Posted by:

Bill
31 Jan 2013

I've heard about the UPnP problem in the last few days, however...Rapid7 Router Security Check never returns with any results, it basically runs forever until you kill it. And their ScanNow for UPnP tool requires insecure Java to be installed on my computer which is not going to happen. I'm not so sure about Rapid7's motives. I've never heard of them before and after they crashed my Windows Explorer, twice, I suspect that spyware is now installed on my PC.

EDITOR'S NOTE: I would not refer my readers to a site that installs malware. Rapid7 is 100% trustworthy. Also, I addressed the Java issue in a special note on the page. Have another look...

Posted by:

Lucy
31 Jan 2013

Once again Bob, you rock, and I for one, am so grateful for all these things you bring to our notice.

I have run the Rapid7 Router Security Check and got a clear result.

Do I ALSO need to download and run Rapid7's free ScanNow for UPnP tool, (I use Windows) or is the router check sufficient?

Second, is this router security check something I should run regularly or is this one check sufficient?

Posted by:

B.A.Geezer
31 Jan 2013

Well, I followed your links and clicked on the "Scan Now" button - and nothing happened. I scrolled down and there were no entries referring to vulnerabilities. My question now is: what kind of scam BS spyware was just installed on my computer, and how do I find it to remove it?

EDITOR'S NOTE: No scam, no BS, no spyware. Rapid7 is 100% trustworthy.

Posted by:

snert
31 Jan 2013

I've got mine set to MANUAL.

Posted by:

Darcetha
31 Jan 2013

I'm a faithful reader of your Geekly Updates and appreciate the useful information. I ran the Rapid7 Security Router test, thankfully, my router was safe.

Also, I turned off Windows UPnP services, so hopefully, I will be safer when surfing the internet. Thanks for helping us mere mortals, like myself, feel more confident when using our computer. :)

Posted by:

D.V.N.sarma
31 Jan 2013

What does this Rapid7 message mean?

{green tick] Congratulations! Your router did not respond to a UPnP discovery request.

EDITOR'S NOTE: That means your router is not vulnerable, which is good!

Posted by:

Dave Roche
31 Jan 2013

Just checked my ZyXel P-660HW-T1 v2 Router and found the UPnP default setting is set to off. You had me worried for a moment.

Posted by:

Chris
31 Jan 2013

I clicked on the link for Metasploit but it appears that Metasploit is only available for Windows and Linux.

Posted by:

Ed
31 Jan 2013

Does this issue affect DSL Modem devices?
My Westell 7500 Router is not in the device list.

Posted by:

Steve Brooks
31 Jan 2013

Thanks, Bob! I ran the ScanNow for UPnP and I had no vulnerabilities!

What's next now? Maybe we should just turn off our computers and go to the next level of technology, but wait, that will probably be comprised if even sooner than it took for our present technology to take place...sigh!

Posted by:

Bob Levy
31 Jan 2013

If I stop the Windows SSDP Discovery, Then I bet the USB devices I constantly plug and unplug would create more of a problem?

I use kindle and android as well as lots of external USB drives!
This would be interesting if I needed to start and stop the service for local PnP devices.

Posted by:

Mark Jacobs
31 Jan 2013

There's a catch 22 with the UnPNP scanner. It requires Java and Java itself poses almost as much a threat as UnPNP. The online checker works fine. You might want to mention this to your readers. My boss (Leo Notenboom) suggests staying away even from patched versions of Java as problems keep coming up.

EDITOR'S NOTE: I addressed the Java issue in a special note on the page. Apparently people are not noticing it, since I got this same comment from several readers. Look for the yellow boxed note.

Posted by:

Raymond Combs
31 Jan 2013

Disabled UPnP in services as shown. Immediately was told that my Win 7 needed to be registered within two days!!! The regular Windows "pop-up" appeared - register now or later! I went back and turned SSDP back to manual, and no more "registering" needed!

EDITOR'S NOTE: That's odd. Are you using an unregistered version of Windows? (If so, that's a problem.)

Posted by:

Catherine
31 Jan 2013

Thank you so much for always alerting us and looking out for us when things like this happen! I really appreciate the fact that you realize there are us "newbies" out here and explain exactly how to do something. You're the best Bob!

Posted by:

Saltydog Nelson
31 Jan 2013

Hi,
I ran the Rapid 7 router security check and apparently have no problems with UPnP. However, it did install a large number of files on my system in the process. Inctrl5 shows 129 files added in various directories. It also showed quite a few registry entries added to my system.

Posted by:

Stuart Berg
31 Jan 2013

For many, many years (probably 15 or more) Steve Gibson of Gibson Research Corporation has warned about the dangers of UPnP and has even provided a free simple program to turn it "off" or "on" at
http://www.grc.com/UnPnP/UnPnP.htm
That webpage has a very thorough discussion of the problem.

EDITOR'S NOTE: I'm aware of that page. However, it was written in 2001, and includes no mention of the greater problem, which is the router vulnerability.

Posted by:

Blacksmith
01 Feb 2013

Thanks for the tip off Bob. I installed JAVA to run the checks then uninstalled it.I'm running WinXP SP3 on a fairly old machine with a 3 year old router so was pleasantly surprised to pass the tests!

Posted by:

Russell Coover
01 Feb 2013

I passed the Router test, but I'm not going to install Java RTE to get ScanNow for UPnP to work. Perhaps there is another way?

EDITOR'S NOTE: Maybe Metasploit. I have not tried it to see if it needs Java.

Comment Page: 1 |  2 

Read the article that everyone's commenting on.

To post a comment on "SECURITY ALERT: Universal Plug and Play Vulnerability"
please return to that article.

Send this article to a friend. Jump to the Comments section. Buy Bob a Snickers. Or check out other articles in this category:





Need More Help? Try the AskBobRankin Updates Newsletter. It's Free!

Prev Article:
Geekly Update - 30 January 2013
Send this article to a friend
The Top Twenty
Next Article:
Do You Need Mobile Security Protection?

Link to this article from your site or blog. Just copy and paste from this box:


Free Tech Support -- Ask Bob Rankin
RSS    
Subscribe to AskBobRankin Updates: Free Newsletter

Privacy Policy -- See my profile on Google.