Kevin Chadwick [ma1l1i...@yahoo.co.uk] wrote:
> > > Every firewall/router product that I have purchased has been
> > > compromised so far.  
> > 
> > I don't believe this at all.  Not one bit.
> 
> I could believe it but that doesn't mean that I do. 90% of the routers
> on my street will be insecure and even using old sps, upnp or wep. 

Common, mass attacks are becoming more sophisticated every day.

All of them. The cat-and-mouse game is continually tilting against the
vast majority who only take the most basic security measures. So it's
typically a big problem when new major vulnerabilities are found in
consumer grade equipment.

Here's a simple example from the past week:

Someone just pointed out that most of the Linux UPNP routers out there
listen to UPNP port forwarding requests FROM EXTERNAL SOURCES! 

So now everyone is releasing patches, and that's only IF the code on
the router is still even maintained. And this new (and pretty fucking
obvious) hole was just pointed out to the general public.

To see that router vendors are mass producing junk that listens to
a UPNP port forwarding request from the fucking INTERNET shows that
anyone who doubts the security of their XYZ router is probably on
to something.

Yeah, you can parade the idea that "you should have disabled UPNP",
and that is a smart choice. But very few UPNP routers will come with
UPNP disabled. And the UPNP insecurity that is well known is at least
supposed to have a basis in an already-compromised INSIDE host,
not take port forwarding requests from the INTERNET.

So if vast numbers of routers are listening to admin commands from
0.0.0.0/0, and you don't believe "at all" that "every router"
this apparent troll has bought has been compromised, then you need
to think more creatively. And this guy needs to disable UPnP, and
maybe change his router admin password while he's at it. (And
reflash the firmware, and reformat his computer, re-flash
his DVD ROM, GPU, and so on.)
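
Added example, not part of the original message and not any vendor's code: the acceptance check a router's UPnP service needs in order to refuse the externally sourced port-forwarding requests described above, plus the stricter rule that limits what an already-compromised inside host can open. The interface name `br-lan`, the subnet 192.168.1.0/24, the `MappingRequest` record and the sample requests are assumptions constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass

# Assumed topology for this example (not from the original message).
LAN_IFACE = "br-lan"
LAN_NET = ipaddress.ip_network("192.168.1.0/24")

@dataclass
class MappingRequest:          # hypothetical record of one forwarding request
    iface: str                 # interface the control request arrived on
    src: str                   # source address of the control request
    internal_client: str       # host the new mapping would forward to
    ext_port: int              # external port to be opened

def decide(req: MappingRequest, strict: bool = True) -> tuple[bool, str]:
    """Return (accept, reason) for a port-forwarding request."""
    try:
        src = ipaddress.ip_address(req.src)
        target = ipaddress.ip_address(req.internal_client)
    except ValueError:
        return False, "malformed address"
    # Check the arrival interface as well as the address: a source address
    # alone says nothing about which side of the router the packet came from.
    if req.iface != LAN_IFACE:
        return False, "arrived on non-LAN interface"
    if src not in LAN_NET:
        return False, "source outside LAN subnet"
    if target not in LAN_NET:
        return False, "forward target outside LAN subnet"
    if not 1 <= req.ext_port <= 65535:
        return False, "invalid external port"
    # Strict mode: a host may only open a port to itself, so one compromised
    # inside host cannot expose its neighbours.
    if strict and src != target:
        return False, "client requested mapping for another host"
    return True, "ok"

# Constructed sample requests; 203.0.113.7 is a documentation-range address.
SAMPLES = [
    MappingRequest("eth0.2", "203.0.113.7", "192.168.1.10", 8080),
    MappingRequest("br-lan", "203.0.113.7", "192.168.1.10", 8080),
    MappingRequest("br-lan", "192.168.1.10", "192.168.1.20", 8080),
    MappingRequest("br-lan", "192.168.1.10", "192.168.1.10", 8080),
]

if __name__ == "__main__":
    for req in SAMPLES:
        print(req, "->", decide(req))
```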
