Router Bug Still Exists after 20 Months
-
tl;dr version: If you have a RealTek based router (D-Link and Trendnet), turn of UPnP.
-
I disable UPnP anyway. If I have any servers on my LAN I'd prefer to forward to them explicitly.
-
If you have a
RealTek basedrouter(D-Link and Trendnet), turn off UPnP
Seriously, it's just another weakness to be exploited.
-
Seriously, it's just another weakness to be exploited.
Agreed; I wasn't trying to provide specific configuration advice - just indicating that the specific attack could be mitigated by turning off UPnP.
-
Seriously, it's just another weakness to be exploited.
No, it's just another tool in the toolbox, and a damn useful one at that. (I like letting my software open up exactly the ports it needs, exactly when it needs them, without me having to think. And closing them afterward, too!) The problem is when it's not subject to access controls, and that's a problem with configuration, not the tech as a whole.
-
Granted, but have you ever seen access controls on this on consumer routers? You're lucky if the web interface is disabled on the WAN on those things!