Vista Forums - View Single Post

06-05-2008

"Windows Live Messenger relies on UPnP, but I have encountered evidence that
enabling UPnP on the router can be hazardous."

that was the biggest point I wanted to stress.

http://www.upnp-hacks.org
http://www.gnucitizen.org/blog/flash-upnp-attack-faq/

those are just a couple off the top.

I am a technically competent user that wants to be in control of the
traffic on my network.

a reliance on upnp as the only method of port management is a poor choice.
(it's a good feature for those that want it)

it does nothing for the security conscious.

it does nothing to help those who have poor upnp support.

in my experience most people have improperly configured port settings with
or with out upnp.

ie the touted features of messenger rarely work as advertised and from what
I can tell that is mostly due to issues involving Network Address
Translation. as a power user who is now administering my own home network,
messenger would work better more often if I could dedicate more than just
the default ports to one computer.

that said, I hope my rants can be forwarded to some one on the messenger
dev team.

"N. Miller" <anonymous@xxxxxx> wrote in message
news:jjn1s1td9pce.dlg@xxxxxx

Quote:

> On Wed, 4 Jun 2008 14:45:11 -0600, J_S wrote:
>

Quote:

>> further more... with a fixed port assignment how are two people on the
>> same
>> network going to voip or fileshare at the same time? even if upnp were
>> to
>> dynamically forward ports as needed it cant forward the same port to two
>> places.

>
> UPnP, properly implemented, requests the port from the gateway device. I
> suppose a normal gateway device, being as smart as the typical computer,
> would know which ports it has already forwarded to which computers, and
> only
> assign ports as available.
>
> AIM used to be user configurable (I haven't played with it lately), and
> Trillian, as well. The user could select any ports desired, and I had, at
> one time, a table of ports assigned for two computers. I could configure
> my
> router for two ranges of ports, one for each computer. I see neither of
> them
> offer user configurable ports, either.
>
> Windows Live Messenger relies on UPnP, but I have encountered evidence
> that
> enabling UPnP on the router can be hazardous.
>
> --
> Norman
> ~Oh Lord, why have you come
> ~To Konnyu, with the Lion and the Drum

06-05-2008	#10 (permalink)
J_S n/a posts	Re: port forwarding on messenger "Windows Live Messenger relies on UPnP, but I have encountered evidence that enabling UPnP on the router can be hazardous." that was the biggest point I wanted to stress. http://www.upnp-hacks.org http://www.gnucitizen.org/blog/flash-upnp-attack-faq/ those are just a couple off the top. I am a technically competent user that wants to be in control of the traffic on my network. a reliance on upnp as the only method of port management is a poor choice. (it's a good feature for those that want it) it does nothing for the security conscious. it does nothing to help those who have poor upnp support. in my experience most people have improperly configured port settings with or with out upnp. ie the touted features of messenger rarely work as advertised and from what I can tell that is mostly due to issues involving Network Address Translation. as a power user who is now administering my own home network, messenger would work better more often if I could dedicate more than just the default ports to one computer. that said, I hope my rants can be forwarded to some one on the messenger dev team. "N. Miller" <anonymous@xxxxxx> wrote in message news:jjn1s1td9pce.dlg@xxxxxx Quote: > On Wed, 4 Jun 2008 14:45:11 -0600, J_S wrote: > Quote: >> further more... with a fixed port assignment how are two people on the >> same >> network going to voip or fileshare at the same time? even if upnp were >> to >> dynamically forward ports as needed it cant forward the same port to two >> places. > > UPnP, properly implemented, requests the port from the gateway device. I > suppose a normal gateway device, being as smart as the typical computer, > would know which ports it has already forwarded to which computers, and > only > assign ports as available. > > AIM used to be user configurable (I haven't played with it lately), and > Trillian, as well. The user could select any ports desired, and I had, at > one time, a table of ports assigned for two computers. I could configure > my > router for two ranges of ports, one for each computer. I see neither of > them > offer user configurable ports, either. > > Windows Live Messenger relies on UPnP, but I have encountered evidence > that > enabling UPnP on the router can be hazardous. > > -- > Norman > ~Oh Lord, why have you come > ~To Konnyu, with the Lion and the Drum
My System Specs