On Friday 16 April 2004 05:12, Scott C. Best wrote: > Gerhard: > > Heya. Your post is the first I've heard that applications can > use uPnP to auto-configure a DSL router that they're sitting behind. > The idea sounds conveniant, which means it also sounds like the opposite > of secure. :) If my DSL router actually auto-configured its port-forward > settings without me telling it to...how would I ever be able to restrict > what services on my network are externally accessible?
I first discovered uPnP when I noticed my Linux firewall blocking packets from an internal machine. Turns out a visitor had XP on their laptop, and it was trying to tell our firewall to allow connections to MSN Messenger through to it. What is the point of a firewall if any program on the inside can re-configure it to allow things through? Doesn't MS know about trojans and viruses? At the time there were very few uPnP devices to take advantage of this 'feature', but the scary thing is that I have now seen several domestic 'firewalls' that do. Cheers, Rasjid. -- Rasjid Wilcox Canberra, Australia (UTC +10 hrs) http://www.openminddev.net _______________________________________________ VNC-List mailing list [EMAIL PROTECTED] To remove yourself from the list visit: http://www.realvnc.com/mailman/listinfo/vnc-list
