> > In my opinion, UPnP /is/ a large hole in security.
> > It is disabled on my router.

> I don't agree.  It makes things very convenient for the end user,
> today when a lot of people are behind NAT routers.

Yes indeed. And also very convenient for any virus/troyan/malicious code
behind the NAT router.

> The only way I can see
> it being a security hole is if you have some malicious
> executable running behind your router.

This is so frequently the case for most "standard" end user which do not
maintain their PC up-to-date, nor their anti-virus and anti-spyware.

> If that is the case, the fact it can get your router to
> forward incoming connections isn't that significant,
> since it can easily connect outwards, or delete your data anyway...

This is one more hole.
Each one consider security versus his own risks.

Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html
Author of ICS (Internet Component Suite, freeware)
Author of MidWare (Multi-tier framework, freeware)

To unsubscribe or change your settings for TWSocket mailing list
please goto http://www.elists.org/mailman/listinfo/twsocket
Visit our website at http://www.overbyte.be

Reply via email to