From: http://www.forbes.com/sites/andygreenberg/2013/01/29/disable-a-protocol-called-upnp-on-your-router-now-to-avoid-a-serious-set-of-security-bugs/
QuoteYou've probably never checked whether your Internet router is set by default to use a harmless-sounding protocol called Universal Plug and Play. If it does, now's a good time to turn it off.
The protocol, abbreviated UPnP, lets computers, printers, and other devices make themselves easily discoverable to a network router. But new research by the security firm Rapid7 shows that it could also let hackers easily discover and exploit those routers, too. And the problem is "universal," indeed: A wide-ranging scan of the Internet show that it affects as many as 50 million unique devices.
On Tuesday security researcher Rapid7 released an advisory warning that UPnP allows the remote discovery of between 40 and 50 million UPnP routers, printers, servers and other machines. The company says that software bugs it found in three different implementations of the protocol affect 1,500 vendors and 6,900 different products, including some versions of routers sold by every major vendor, including Cisco's Linksys division, Belkin, D-Link and Netgear. And while some of those bugs would merely allow affected devices to be temporarily disabled, at least 23 million of the devices are susceptible to full takeover by hackers, potentially becoming a jumping-off point for an attack on the victim's network behind any firewall.
More at link.
It a good idea (UPnP) for Internal Networks but not for any Network exposed to the Internet!
I have always turned it of for any machine that goes online!
These 'security' guys are behind the times! :o
All you need to be secure...
SHIELDS UP
https://www.grc.com/x/ne.dll?bh0bkyd2
Shields Up is an online port scanning service created by Steve Gibson of Gibson Research Corporation and hosted at grc.com. The purpose of this utility is to alert the users of any ports that have been opened through their firewalls or through their NAT routers. The utility can scan the most common file sharing ports, as well as all service ports (1-1056), and user defined ports, in sets of 64.
The scanning servers have the static IP addresses of 4.79.142.192 to 4.79.142.207.
http://en.wikipedia.org/wiki/Shields_Up
Free to use to test for leaks but you have to read and follow the instructions carefully depending on your needs and usage. My computer is invisible to hackers. You cannot hack what you cannot find
Quote from: zorgon on January 30, 2013, 02:54:05 AM
All you need to be secure...
SHIELDS UP
https://www.grc.com/x/ne.dll?bh0bkyd2
Solicited TCP Packets: PASSED — No TCP packets were received from your system as a direct result of our attempts to elicit some response from any of the ports listed below — they are all either fully stealthed or blocked by your ISP. However . . .
Unsolicited Packets: PASSED — No Internet packets of any sort were received from your system as a side-effect of our attempts to elicit some response from any of the ports listed above. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system remained wisely silent. (Except for the fact that not all of its ports are completely stealthed as shown below.)
Ping Reply: RECEIVED (FAILED) — Your system REPLIED to our Ping (ICMP Echo) requests, making it visible on the Internet. Most personal firewalls can be configured to block, drop, and ignore such ping requests in order to better hide systems from hackers. This is highly recommended since "Ping" is among the oldest and most common methods used to locate systems prior to further exploitation.
Not sure how to turn My ping off.
Turning ping of Am, is one of the hardest things around.
It could be your computer, it could be your router, or it could be your ISP (Internet Service Provider).
I have had all 3.
If it's your computer then some firewalls allow you to turn it of, but it is near impossible in Windows, and in Unix and Linux it is easy.
If it's your Router or Modem (Whatever you use to connect to the Internet) then it's time to read the manual and find out how to turn of ping (ICMP) replies.
If it's your ISP then good luck, they have their own policy and won't change it for anybody.
All in all, it is one of the lowest threat risks (Having a ping response) as it used to be used by hackers to ping networks to see if anything was there. Just because your computer replies doesn't mean much.
So, if you can't turn it of, I wouldn't worry too much about it. ;)
Thanks, star. [smile] Seems My system is fairly secure then. Haven't really had issues lately, so I guess I won't worry too much.
Zone Alarm... even there free firewall allows you to. But you have to disable windows firewall
I did notice that Windows has finally given in and listed zonealarm and AVG in their monitored programs list so you no longer get that 'disabled' warning from windows :D Took them long enough ;)
Another good one is Comodo also free
http://personalfirewall.comodo.com/
Both these stop OUTGOING programs from accessing the net You have to give permission. You would be amazed at how many programs on your comp are sending out info Updaters, Tool Bars, etc are the worst offenders but I have seen really odd programs trying to access the net like desktop WTF? Scripts can come via emails and downloads that lurk and then try to dial out so you need an outgoing blocker
Quote from: zorgon on January 30, 2013, 02:54:05 AM
All you need to be secure...
SHIELDS UP
https://www.grc.com/x/ne.dll?bh0bkyd2
For this case it would be also a good idea to check this page (http://www.grc.com/unpnp/unpnp.htm). :)
Quote from: starwarp2000 on January 30, 2013, 08:28:27 PM
If it's your computer then some firewalls allow you to turn it of, but it is near impossible in Windows, and in Unix and Linux it is easy.
It depends, the Windows Vista and 7 firewall blocks everything, at least on those systems I have installed (not many).