[ previous ] [ next ] [ threads ]
 
 From:  Joe Nardone <jnardone at gmail dot com>
 To:  m0n0wall dash dev at lists dot m0n0 dot ch
 Subject:  Re: [m0n0wall-dev] UPNP
 Date:  Tue, 18 Oct 2005 16:31:19 -0400
I guess it depends on who we think the m0n0wall target audience is.

If we think home users are a decent/significant part of the numbers, then I
think uPNP becomes a more important feature (off by default, etc. etc.)

If it's mostly enterprise users, then it's much lower priority (if at all).

One day too late, the types of usage of m0n0wall (enterprise, home, CPE-type
deployment, etc.) would have been a useful statistic.

Joe

On 10/18/05, Chris Dickens <chris at object dash zone dot net> wrote:
>
> Okay, I didn't want to be the sour grape that said it when I admitted put
> it
> at the end of the list, but I'm pretty much with everyone else so far.
> Honestly, it sounds pretty useless to me.
>
> --Chris
>
> -----Original Message-----
> From: Chris Buechler [mailto:cbuechler at gmail dot com]
> Sent: Tuesday, October 18, 2005 4:08 PM
> Cc: m0n0wall dash dev at lists dot m0n0 dot ch
> Subject: Re: [m0n0wall-dev] UPNP
>
>
> > Cool thing about UPNP is that it will automatic add ports for direct
> > connections, such as file transfers.
> >
>
> and the *really* cool thing will be when some
> malware/spyware/worm/virus/trojan starts telling UPNP to open ports so the
> owned box can be hit directly from the Internet! granted if it gets that
> far, it can start inbound-only connections and end up in pretty much the
> same situation with tunneling or similar things, but this could leave you
> open to the whole world.
>
> Name a single *real* firewall that supports UPNP. There aren't any,
> because
> it's a ridiculously bad idea.
>
> I'm sufficiently tired of hearing people ask for something to make them
> horribly insecure though, so at this point if somebody wants to add
> support
> that's disabled by default, more power to 'em. ;)
>
> -Chris
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: m0n0wall dash dev dash unsubscribe at lists dot m0n0 dot ch
> For additional commands, e-mail: m0n0wall dash dev dash help at lists dot m0n0 dot ch
>
>