From: Chris Brenton <cbrenton@chrisbrenton.org>
To: netfilter@lists.netfilter.org
Subject: RE: Anybody heard about UP&P ?
Date: Sun, 22 Feb 2004 07:33:29 -0500 [thread overview]
Message-ID: <1077453208.2158.71.camel@grendel> (raw)
In-Reply-To: <739652C2AFA4834AAB5986A215F68CEC0165A9@svr1.home.compsup.net>
This sounds *really* fishy to me. Sounds to me like what they are
looking to do is setup a 1 to 1 NAT mapping (or possibly port
forwarding) to the host needing "remote assistance" and probably punch
open the filtering as well.
Do you know how how much access gets opened up? Any authentication or
encryption being used during the management session? Any guarantee that
the hole gets closed up when they are done? Any logging of the access as
well as what gets changed during the session?
You could always ask what level of access is required and just manually
create the rules yourself. At least that way you know what is going on.
I think I'm real glad Netfilter does not support this. Sounds like a
compromise waiting to happen.
C
On Fri, 2004-02-20 at 14:35, Carl Farrington wrote:
> UPNP means Universal Plug'n'Play. I guess WinXP looks to automagically reconfigure the NAT rules via upnp.
>
> No idea about the netfilter stuff myself I'm afraid.
>
> > -----Original Message-----
> > From: Marc Rechté [mailto:mrechte@randodetente.org]
> > Sent: 20 February 2004 07:14
> > To: netfilter@lists.netfilter.org
> > Subject: Anybody heard about UP&P ?
> >
> > To enable remote assistance from Internet of a WinXP PC on a LAN using
> > NAT one must have a UP&P NAT compatible router.
> >
> > Can Netfilter act as such a router, and if so do you have an idea of the
> > chain to apply ?
> >
> > Thanks for your help
> >
> > Marc.
> >
>
>
next prev parent reply other threads:[~2004-02-22 12:33 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2004-02-20 19:35 Anybody heard about UP&P ? Carl Farrington
2004-02-20 20:34 ` Rob Sterenborg
2004-02-22 12:33 ` Chris Brenton [this message]
-- strict thread matches above, loose matches on Subject: below --
2004-02-23 15:48 bmcdowell
2004-02-22 22:55 Carl Farrington
2004-02-23 14:58 ` rruegner
2004-02-20 7:14 Marc Rechté
2004-02-21 18:13 ` Ray Leach
2004-02-22 22:46 ` Alex Satrapa
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1077453208.2158.71.camel@grendel \
--to=cbrenton@chrisbrenton.org \
--cc=netfilter@lists.netfilter.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox