website statistics

According to a recently published research paper, millions of devices making use of UPnP protocols are running a serious security risk.

What is the next Gadget you want?

View Results

Loading ... Loading ...
1 Star2 Stars3 Stars4 Stars5 Stars (Rate This)
Loading ... Loading ...

Universal Plug n Play networking protocols are often used by organizations to allow devices to connect with each other within a network. However, a new research paper reveals, these protocols are highly insecure and can be used by hackers to exploit the millions of devices that make use of UPnP.


Digital security

UPnP networking protocols are used worldwide in a whole range of devices, including routers and other networking equipment. They are often deployed by organizations because it is easier to use them and the networking costs are significantly trimmed.

However, this convenience may come at a heavy price because UPnP has some serious security flaws. The UPnP discovery protocol, namely SSDP, can be used by a hacker to execute nefarious code as well as gain access to the UPnP control interface, even on a private network. To top things up, certain UPnP protocols provide access to such device functions which are not even mandated as per security regulations.

The worst part is that nearly 80 million devices making use of UPnP protocols can be discovered via internet. This gives a potential hacker a huge repository of at-risk devices, which he can then exploit at his leisure.

According to the paper, “In most cases, network equipment that is “no longer shipping” will not be updated at all, exposing these users to remote compromise until UPnP is disabled or the product is swapped for something new. The flaws identified in the MiniUPnP software were fixed over two years ago, yet over 330 products are still using older versions.”

The discovery is certainly frightening in its sheer scope and gives food for thought to organizations who tend to take the security of their internal networks lightly.

Network security

Source: Security Flaws in Universal Plug and Play: Unplug, Don’t Play

Courtesy: CNET

Buy Cheapest Related Product From Amazon.com


Twitter Runs Into Over Capacity Issues

Valve Considers Apple The Biggest Threat To The Console Market
You can also press the left/right arrow key on your keyboard to go to previous/next post
  On February 1, 2013(1 year, 2 months ago.)

Recent Search

Recent Tutorials

Adobe CS products are not free, but the good news is you can now download Photoshop CS2 & all other CS2 product completely free and it's absolutely legal.
At the beginning level, many people don't know how to use Gmail properly. For them, a here's a helpful guideline.
Skype now allows you to call directly from your Outlook account. Find the step-by-step installation process from this tutorial.
This tutorial helps you quickly resolve four of the most common problems that occur with Windows XP.
After releasing Look Back, many people didn't like it. So Facebook planned to add an Edit tool to the feature and now you can edit your Facebook Look Back video.
Do you want to record Skype calls but don't know how to do that? Then this guide is absolutely for you. Get inside the article for details.
Do you know that many companies can track you on Facebook? Do you want to know who they are? Do you want to block them?
So you've been planning on replacing your old hard drive with the new drive? This tutorial helps you with a few simple steps.
Bitcoin is a digital currency that has gained extraordinary momentum in the last few months. This tutorial helps you get started with the basics.
Android lockscreen can be secured in a number of ways, some of which are described in this brief tutorial.
Close You Have To Login
User:
Pass:
Login With »Login With TwitterLogin With Facebook