Have you flashed your router?

Date: 14 January 2008 Original URL: http://www.auscert.org.au/render.html?cid=7066&it=8643 No I'm not talking about upgrading your firmware on your router. Neither am I talking about other nefarious types of flashing. I'm in fact talking about the fact that via an Adobe Flash file one can modify your router settings. "Yeah right!", I hear you say. Would I lie to you? No I wouldn't. So, I'll get to the crux of the situation. Via a maliciously crafted flash file, a remote unauthenticated attacker could modify your router settings to almost anything he requires. Such things as adding a port forward, changing DNS settings to a server he controls or setup a proxy via it. All this is enabled via the protocol UPnP or Universal Plug and Play which allows devices and software to "auto-magically" configure devices on the network. So should you turn it off? YES! But it will likely break things. Worth it? YES! You will have to manually correct the routers so you can continue to play your games, ahem, I mean so your systems remain running. Original blog can be found here: http://www.gnucitizen.org/blog/hacking-the-interwebs Cheers, Zane