Re: [UPnP-SDK-discuss] UPnP security

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 454-5900

I've been looking at this and was thinking a firewall would be the right
approach for a home network too.  However, what if you want to control any
of your devices from a remote location (I can think of lots of devices I'd
like to check in on when I'm outside the house)?  I guess the multicast data
could be encrypted too, but that would quickly complicate things... are
there any plans to do this for UPnP 2.0?

/audun

> It is true that UPnP 1.0 does not offer any kind of native security
> features (this is being worked on in UPnP 2.0), but in the meantime,
> the default security for your home network (namely, a firewall of
> some sort) should be more than sufficient to protect your UPnP
> network.  So, a valid answer to questions (2) and (3) below could be
> "a firewall".
>
> Is any home user out there *not* going to run a firewall?  If they
> don't have one, then all of their machines are at risk, not just the
> UPnP devices.
>
> -Preston
>
>
> > UPnP v1.0 does not offer any kind of security.
> > Answers to your specific questions are below.
> >
> > > (1) discovery:  how do you limit the broadcast of
> > > your exposed UpnP services
> > > to a target set of users?
> >
> > The UPnP v1.0 specification mandates the the
> > Time-To-Live (TTL) for the broadcast should be set to
> > 4, although Windows Millennium uses a TTL of 1.  The
> > multicast address is administratively scoped, but I
> > don't think that will get used much.  The UPnP SDK for
> > Linux uses a TTL value of 4 as the specification
> > states but offers no additional functionality.
> >
> > > (2) how do you prevent a hacker from using an
> > > exposed UPnP service without
> > > permission?
> >
> > Unfortunately, you cannot, at least with the base 1.0
> > protocols.  If a control point can discover a device,
> > it can access it.  Devices are free to implement
> > services that would perform authentication, but this
> > is not specified nor is anything like this
> > implementated in the UPnP SDK for Linux.
> >
> > > (3) how do you prevent a hacker from intercepting
> > > and munging a UPnP service
> > > transaction?
> >
> > Again, you cannot.  The core UPnP 1.0 protocols do not
> > offer any way to validate that a request came from a
> > particular control point that is authorized to perform
> > the action.
> >
>
>
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Calendar - Get organized for the holidays!
> http://calendar.yahoo.com/
> _______________________________________________
> UPnP-SDK-discuss mailing list
> UPn...@li...
> http://lists.sourceforge.net/mailman/listinfo/upnp-sdk-discuss