Although Craig has been continuing to submit articles to EH-Net, he was not allowed to officially have a 'column' due to his employer. That restriction has been lifted, so welcome back to the family.
Permanent link:
[Article]-Plug-N-Play Network HackingUniversal Plug-N-Play (UPnP) is a protocol that allows various network devices to auto-configure themselves. One of the most common uses of this protocol is to allow devices or programs to open up ports on your home router in order to communicate properly with the outside world (Xbox, for example, does this). The UPnP protocol is built on top of pre-existing protocols and specifications, most notably, UDP, SSDP, SOAP and XML.
This article will address some of the security issues related to UPNP, briefly describe the inner workings of the protocol, and show how to identify and analyze UPNP devices on a network using open source tools. While we will be specifically focusing on IGDs (Internet Gateway Devices, aka, routers), it is important to remember that there are many other devices and systems that support UPNP as well, and they may be vulnerable to similar attacks.
As always, please add your feedback here and make any suggestions for future articles.
Don
Incident Response : Surely you trust the Auditors?
