Web Hosting Talk






PDA

View Full Version : OPEN! Universal Plug'n'Play

Jedito
04-13-2002, 01:24 AM
OPEN! Universal Plug'n'Play is Microsoft's new protocol for allowing PCs to automatically discover and control a wide range of locally networked peripherals. This powerful protocol is likely to expose the user's machine to many clever remote security exploits and vulnerabilities. And, unfortunately, Microsoft has enabled this insecure protocol by default -- even if your system doesn't need or use it.

more Info at http://grc.com/UnPnP/UnPnP.htm
akashik
04-13-2002, 02:37 AM
I very good rule of thumb when using an operating system, especially MS, is to set up a firewall, install the newest virus protection, then download the updates. Next cab off the rank is to hit up a website devoted to tweaking the system and take a look through their security ideas. Close off everything you don't need (and probably some the things you think you will).

Then be very careful of any software you install from now till the day you die. :)

I've actually got XP locked up tighter than WinME right now - not much gets through without me seeing it in some form of monitoring software.

And the final advice is always, if you don't want it online, don't put it on your computer (cc numbers and root passwords come to mind) God invented removeable storage for a reason :D

Greg Moore
bitserve
04-13-2002, 11:33 PM
Another rule of thumb is not believing everything that steve gibson says. Like myself, he sometimes doesn't know what in the hell he's talking about.

http://www.theregister.co.uk/content/55/24189.html
akashik
04-14-2002, 02:04 AM
hehe, that's one of the more amusing Steve Gibson articles I'be read in a while. He's a bit of a scary fellow :)

Greg Moore
Mike the newbie
04-14-2002, 09:28 AM
Originally posted by bitserve
Another rule of thumb is not believing everything that steve gibson says. Like myself, he sometimes doesn't know what in the hell he's talking about.


I agree that Gibson is an excellent example of just how dangerous a little knowledge can be.

However, the uPnP security hole in Windows XP is real. You can go right throught the so-called "firewall" that Windows XP has built-in and exploit a buffer overflow.
akashik
04-14-2002, 11:04 AM
Originally posted by Mike the newbie
the so-called "firewall" that Windows XP has built-in

I noticed that when I was setting XP up last week. It put a bit of a smile on my face and reminded me to make sure I had a real firewall set up before I logged online for the first time :)

Greg Moore