[Dshield] Possible solution for ISP (was DShield's public goals)

Johannes B. Ullrich jullrich at sans.org
Fri Jan 20 14:11:24 GMT 2006


-----BEGIN PGP SIGNED MESSAGE-----
Hash: RIPEMD160


UPnP can be used to adjust more or less any setting in the gateway (e.g.
port forwarding, or enable/disable firewall rules).

See upnp.org for a complete list. It depends on what kind of features
your gateway implements. UPnP includes features like lighting and HVAC
control (but I doubt that's part of your Netgear box ;-) ).

The idea of UPnP is that devices can discover and configure each other
to whatever extent the device maker permits. Currently,
firewalls/routers, printers, scanners, HVAC and lighting seem to be
covered. But the way the standard is laid out, it wouldn't be too hard
for some other equipment to join in on the fun.






Chris Ramsden wrote:
> Frank Knobbe wrote:
>>> Right, but your firewall doesn't configure itself accordingly. The UPnP
>>> requests supply the default gateway to the user. That's pretty much it.
>>> No inbound NAT to Joe PC forwarding is configured.
>>>
> So what's going on here?
> 
> UPnP Portmap Table
> Active  Protocol  Int. Port  Ext. Port  IP Address
> YES     TCP       6881       6881       192.168.0.6
> YES     UDP       6881       6881       192.168.0.6
> YES     TCP       6969       6969       192.168.0.6
> 
> - From a Netgear DG824M adsl router. That's port forwarding, isn't it?

- --
- ---------
Johannes Ullrich                        jullrich at sans.org
Chief Research Officer                     (617) 639 5000
http://isc.sans.org
PGP Key: https://secure.dshield.org/PGPKEYS

"We use [isc.sans.org] every day to keep on top of
 security at our bank" Matt, Network Administrator.

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (Darwin)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFD0O+LPNuXYcm/v/0RA/4jAJ9xnLJkZcIKoDMrDxNMQUpnhWHwDwCdGwk2
dy1xjFmldl+yZkpuJucjEXU=
=oGcF
-----END PGP SIGNATURE-----
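
Added example, not part of the original message and not code from DShield or any router vendor: a small audit script that parses a UPnP portmap table in the layout quoted above and reports active forwards that an administrator has not approved. The sample rows are constructed from the quoted table; the allowlist and the function names are hypothetical.

```python
import ipaddress
from typing import NamedTuple

# Constructed sample: the rows quoted in the message, as whitespace-separated text.
SAMPLE_TABLE = """\
Active  Protocol  Int. Port  Ext. Port  IP Address
YES     TCP       6881       6881       192.168.0.6
YES     UDP       6881       6881       192.168.0.6
YES     TCP       6969       6969       192.168.0.6
"""

class Mapping(NamedTuple):
    active: bool
    protocol: str
    int_port: int
    ext_port: int
    host: ipaddress.IPv4Address

def parse_portmap(text):
    """Parse 'Active Protocol IntPort ExtPort IP' rows; skip the header and junk lines."""
    mappings = []
    for line in text.splitlines():
        fields = line.lstrip("> ").split()  # tolerate e-mail quote prefixes and tabs
        if len(fields) != 5 or fields[1].upper() not in ("TCP", "UDP"):
            continue
        try:
            int_port, ext_port = int(fields[2]), int(fields[3])
            host = ipaddress.IPv4Address(fields[4])
        except ValueError:
            continue  # non-numeric port or malformed address
        if not (0 < int_port < 65536 and 0 < ext_port < 65536):
            continue
        mappings.append(Mapping(fields[0].upper() == "YES", fields[1].upper(),
                                int_port, ext_port, host))
    return mappings

def unexpected_forwards(mappings, approved):
    """Return active mappings whose (protocol, external port, host) is not approved."""
    return [m for m in mappings
            if m.active and (m.protocol, m.ext_port, str(m.host)) not in approved]

if __name__ == "__main__":
    # Hypothetical allowlist: only TCP 6881 to 192.168.0.6 was approved.
    approved = {("TCP", 6881, "192.168.0.6")}
    for m in unexpected_forwards(parse_portmap(SAMPLE_TABLE), approved):
        print(f"unapproved forward: {m.protocol} {m.ext_port} -> {m.host}:{m.int_port}")
```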

