"Paul D. Robertson" wrote: > > Mikael Olsson wrote: > > [laymans version of UPnP NAT traversal] > > It's worse, UPnP in the OS allows over-the-network driver loading (which > is why HP is supporting it)- so, the UPnP firewall opens the ports, the > UPnP OS loads the tainted driver, then it starts crawling around the > network. At some point, the NTFS drivers are going to be good enough, and > someone's going to be drunk enough to write up a worm to simply replace > WindowsXPQRST with Linux...
Ouch man. I just thought you meant remote install over the UPnP buffer overrun we all know, but this is worse. Since it seems appropriate in face of horrors unspeakable, I'll just reiterate: > > "Down, not across". -- Mikael Olsson, Clavister AB Storgatan 12, Box 393, SE-891 28 �RNSK�LDSVIK, Sweden Phone: +46 (0)660 29 92 00 Mobile: +46 (0)70 26 222 05 Fax: +46 (0)660 122 50 WWW: http://www.clavister.com _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
