Quark IT - Hilton Travis wrote:
> NO. NO. NO.
> UPnP is a massive security vulnerability waiting to be exploited. What
> use is a firewall where ANY unauthenticated application can open a port
> and forward it?
> Anyone who enables UPnP has no conception of security.
UPnP is a *very* bad idea from a network security standpoint. As
currently implemented, I *will not* use UPnP, I disable it on every
router that supports it, and do not recommend it to anyone for any reason.
However, I do acknowledge that every on in the world does not agree with
I would not be staunchly opposed to UPnP support in m0n0 if implemented
with the following criteria:
- disabled by default
- some sort of a "this is a huge security venerability" note next to the
UPnP enable check box in the GUI.
Again, I will never use/enable UPnP... but someone may want to despite
the security consequences.