> -----Original Message-----
> From: Chris Buechler
> Sent: Monday, 14 December 2009 6:18 AM
> On Sun, Dec 13, 2009 at 5:13 AM, Quark Group - Hilton Travis
> <Hilton at quarkgroup dot com dot au> wrote:
> > G'day Robert,
> > So, you're saying that the ability for any app to open a port
> > on your firewall when it wants is a way to increase security?
> > Sorry, not in my world it isn't. What stops malware opening
> > ports in a UPnP device?
> > UPnP has *no* place on a security device.
> A legit argument can be made that having the ports open only
> when necessary is better than having them open always. A good
> upnp implementation that allows you to limit which hosts and
> which ports can be used eliminates the concerns about having
> things opened that shouldn't be. In combination with the
> ability to not always have those things open, it really can be
> more secure than the alternative, having the same things open
> always whether or not they're being used.
So, what happens when some malware gets installed on a PC which is allowed to open ports on the UPnP
device and then starts communicating over those?
UPnP has no place on a gateway/security device. It is a vulnerability waiting to be exploited by
any malware author who cares to take advantage of it. It will never, ever be used on gateway
devices in any of our client sites (including our own).
A good UPnP implementation means that the code isn't even present on gateway/edge security devices.
Hilton Travis Phone: +61 (0)7 3105 9101
(Brisbane, Australia) Phone: +61 (0)419 792 394
Manager, Quark IT http://www.quarkit.com.au
Quark Group http://www.quarkgroup.com.au
War doesn't determine who is right. War determines who is left.
This document and any attachments are for the intended recipient only.
It may contain confidential, privileged or copyright material which
must not be disclosed or distributed without prior approval.
Quark Group Pty Ltd :: ABN 23 114 975 772
Trading As Quark AudioVisual, Quark Automation, Quark IT