I have in the bad old days been and done the hpavc stuff.. (alias XtraAccess) so i know all to well of what malicous entensions can be achieved by opening up a server on a local or remote pc, but that was then playtime is no more. The program i have uses all three points as well as some unique encryption to confirm the traffic and data being used, both peers and the website work together to create the circle of authentication as well as a lot more in place to ensure data both ways is only allowed under the rule base that i have. Creating the app to run securely and correctly is not my problem, the problem i have is getting the program to config under wireless admin automatically instead of making the user go through what is to many a daunting task.
P.S.. Upnp enabled or not, firewall , antivirus or not... if someone really wants your pc and their good enough they will any any old hpavc guy/gal will be the first to admit it. Thanks.. ----- Original Message ----- From: "Francois Piette" <[EMAIL PROTECTED]> To: "ICS support mailing" <twsocket@elists.org> Sent: Monday, October 23, 2006 8:22 AM Subject: Re: [twsocket] IP Plug and Play or IPV6 > > > In my opinion, UPnP /is/ a large hole in security. > > > It is disabled on my router. > > > I don't agree. It makes things very convenient for the end user, > especially > > today when a lot of people are behind NAT routers. > > Yes indeed. And also very convenient for any virus/troyan/malicious code > behind the NAT router. > > > The only way I can see > > it being a security hole is if you have some malicious > > executable running behind your router. > > This is so frequently the case for most "standard" end user which do not > maintain their PC up-to-date, nor their anti-virus and anti-spyware. > > > If that is the case, the fact it can get your router to > > forward incoming connections isn't that significant, > > since it can easily connect outwards, or delete your data anyway... > > This is one more hole. > Each one consider security versus his own risks. > > > Contribute to the SSL Effort. Visit http://www.overbyte.be/eng/ssl.html > -- > [EMAIL PROTECTED] > Author of ICS (Internet Component Suite, freeware) > Author of MidWare (Multi-tier framework, freeware) > http://www.overbyte.be > > -- > To unsubscribe or change your settings for TWSocket mailing list > please goto http://www.elists.org/mailman/listinfo/twsocket > Visit our website at http://www.overbyte.be > > -- To unsubscribe or change your settings for TWSocket mailing list please goto http://www.elists.org/mailman/listinfo/twsocket Visit our website at http://www.overbyte.be
