Home Routers Vulnerable to Hackers
GingerTheCat
01-15-2008, 12:35 PM
Just thought I'd spread a bit of gloom and doom by alerting people to the latest "end of the world as we know it" report.
Not so long ago it used to be just geeks who had a router in their house, but with the increasing use of broadband it's almost commonplace.
If you have one you might want to disable its UPnP facility. It's often enabled by default. Hackers can use UPnP in conjunction with getting you to open a website containing a special Flash file to unleash all sorts of evil deeds.
Trouble is UPnP is there to make your life easier if you use applications such as MSN and Skype so don't just disable it without taking some advice.
Not all routers are affected.
Full story here (http://www.channelregister.co.uk/2008/01/15/home_router_insecurity/)
Mike
taffy
01-15-2008, 02:19 PM
My son has set up what's called WPA security on my WiFi system. Seems it's the bee's knees:
http://en.wikipedia.org/wiki/Wi-Fi_Protected_Access
http://www.microsoft.com/windowsxp/using/networking/expert/bowman_03july28.mspx
GingerTheCat
01-15-2008, 02:55 PM
My son has set up what's called WPA security on my WiFi system. Seems it's the bee's knees:
Yes it is and I recommend it but I'm afraid it won't protect you from this problem.
corky100
01-16-2008, 01:02 AM
That's right, WPA etc just password protects the networks and who has access to it. UPnP assigns ports and redirects requests basically, which in this case will be to 'reassign' requests to valid websites to spoof websites.
I don't think UPnP is really that important for everyday use, and most users (except maybe Torrent file downloaders) will really see much difference if it is turned off.
If you know how to disable it (via your router's manual or website) and you are worried, just disable it and see if it affects you. It's often enabled by default.
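An added example, not part of the original thread: a Python check for whether a router on your own LAN still answers UPnP gateway discovery after the feature has been switched off. The SSDP address, port and search target are the standard UPnP values; the function names and the sample replies are constructed for illustration.

```python
import socket

SSDP_ADDR = ("239.255.255.250", 1900)  # standard SSDP multicast group and port
IGD_TARGET = "urn:schemas-upnp-org:device:InternetGatewayDevice:1"

def build_msearch(wait=2):
    """Build the SSDP discovery request a UPnP control point sends."""
    return "\r\n".join([
        "M-SEARCH * HTTP/1.1", "HOST: 239.255.255.250:1900",
        'MAN: "ssdp:discover"', f"MX: {wait}", f"ST: {IGD_TARGET}", "", "",
    ]).encode("ascii")

def parse_ssdp(datagram):
    """Return (status_line, headers) with header names lower-cased."""
    head = datagram.decode("utf-8", errors="replace").split("\r\n\r\n", 1)[0]
    status, *rest = head.split("\r\n")
    headers = {}
    for line in rest:
        name, sep, value = line.partition(":")
        if sep:
            headers[name.strip().lower()] = value.strip()
    return status, headers

def advertises_igd(datagram):
    """True if the reply is a device announcing the gateway (port-mapping) role."""
    status, headers = parse_ssdp(datagram)
    parts = status.split()
    ok = len(parts) >= 2 and parts[0].startswith("HTTP/") and parts[1] == "200"
    return ok and "internetgatewaydevice" in headers.get("st", "").lower()

def probe_lan(timeout=3.0):
    """Send one M-SEARCH on the local network; return (ip, LOCATION) per gateway reply."""
    found = []
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        sock.sendto(build_msearch(), SSDP_ADDR)
        try:
            while True:
                data, (ip, _port) = sock.recvfrom(4096)
                if advertises_igd(data):
                    found.append((ip, parse_ssdp(data)[1].get("location", "")))
        except socket.timeout:
            pass  # no more replies within the timeout
    return found

# Constructed sample replies for illustration (not captured from a real device).
SAMPLE_IGD = (b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=1800\r\n"
              b"LOCATION: http://192.168.1.1:5000/rootDesc.xml\r\n"
              b"ST: urn:schemas-upnp-org:device:InternetGatewayDevice:1\r\n\r\n")
SAMPLE_OTHER = b"HTTP/1.1 200 OK\r\nST: urn:schemas-upnp-org:device:MediaRenderer:1\r\n\r\n"
```

An empty list from probe_lan() after disabling UPnP in the router's settings means no gateway on the LAN answered the discovery request.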
AntiPathos
01-18-2008, 09:40 AM
Utility which handles this easily: http://www.grc.com/UnPnP/UnPnP.htm
GingerTheCat
01-18-2008, 10:46 AM
Utility which handles this easily: http://www.grc.com/UnPnP/UnPnP.htm
I'm afraid not. Steve Gibson's utilities are good and this one was ahead of its time but it's a pretty old program and it won't protect you with this attack.
His utility stops UPnP attacks on the PC but this attack is attacking your router so it will hack the router before the PC even gets involved.
AntiPathos
01-19-2008, 12:49 AM
I'm afraid not. Steve Gibson's utilities are good and this one was ahead of its time but it's a pretty old program and it won't protect you with this attack.
His utility stops UPnP attacks on the PC but this attack is attacking your router so it will hack the router before the PC even gets involved.
You're quite correct. Didn't read your post properly. You're right about SG's apps too. Awesome. Been using them for over a decade.
GingerTheCat
01-22-2008, 11:24 PM
It's not the same story but it's another router one so I thought I'd put it here.
This from the Register. (http://www.theregister.co.uk/2008/01/21/bt_home_hub_voip_hijacking/)
UK's number one router open to VoIP hijacking.
GNUCitizen say they have found a serious security bug in the BT Home Hub that could allow attackers to engage in identity theft and other types of fraud by hijacking calls routed over the internet.
The conclusion is that hackers can phone up and pretend to be anybody e.g. your bank, and your Home Hub will display this hacked number as if it were real.
BT's reply is
BT sent us this statement: "There's no risk whatsoever of any 'VoIP hijacking' in relation to the Home Hub - we closed this theoretical exploit about three firmware upgrades ago and the purported exploit doesn't work on the latest version."
The Register story contains a link to a demo of the exploit, so you can at least try it out in relative safety.
I don't have a Home Hub myself and haven't tried it so do so with care. Trying out demos of exploits is always a risk in itself so be careful
Mike
allan25
02-22-2008, 12:00 PM
It should be secured by enabling WPA2, WPA-PSK, or WEP on both your wireless router and every computer. Like try those in the given order and if one computer isn't capable of WPA2 then step down to WPA-PSK for all. That's how I achieve secure conferencing solutions and hassle free connectivity with my clients.
simplejordon
03-17-2008, 10:07 AM
A similar reason earlier compelled me to opt for a secure www.rhubcom.com (http://www.rhubcom.com) conferencing appliance over Skype for business purposes; one can't take such chances... See, the kind of weakness you explain above could allow attackers to redirect victims to fraudulent destinations that masquerade as trusted sites belonging to banks and ecommerce companies. This exploit even works if a user has changed the default password of the router.