Re: [m0n0wall] Feature request: UPnP

From:	"David Burgess" <apt dot get at gmail dot com>
Cc:	"Mono Wall list" <m0n0wall at lists dot m0n0 dot ch>, "M0n0 Wall Dev list" <m0n0wall dash dev at lists dot m0n0 dot ch>
Subject:	Re: [m0n0wall] Feature request: UPnP
Date:	Tue, 22 Jul 2008 11:31:31 -0600

On Tue, Jul 22, 2008 at 11:08 AM, Andrew Hull <list at racc2000 dot com> wrote:
> Here, here!
>
> UPnP is a *very* bad idea from a network security standpoint. As currently
> implemented, I *will not* use UPnP, I disable it on every router that
> supports it, and do not recommend it to anyone for any reason.
>
> However, I do acknowledge that every on in the world does not agree with me.
>
> I would not be staunchly opposed to UPnP support in m0n0 if implemented with
> the following criteria:
> - disabled by default
> - some sort of a "this is a huge security venerability" note next to the
>  UPnP enable check box in the GUI.
>
> Again, I will never use/enable UPnP... but someone may want to despite the
> security consequences.

Amen

db