Results 1 ... 106 found in all logged channels for 'upnp'
(pest) asciilifeform: upnp: re: 'security assumptions of pest' -- this summarizes moar or less whole thing.
(pest) asciilifeform: ( upnp is a kludge sometimes found in konsoomer 'cable box' nats where a magick json string thrown at certain internal port on gateway results in a fwd rule )
(pest) asciilifeform: moar on subj of nats -- for hypothetical fyootor pestron, may want upnp port opener. ( problem being , asciilifeform cannot test such, does not have any konsoomer nat boxen where it worx )
(pest) shinohai[asciilifeform]: 1900/udp open|filtered upnp
(asciilifeform) dulapbot: (trilema) 2016-09-07 asciilifeform: (upnp) 'There is a heap buffer overflow vulnerability in the create_url_list function in upnp/src/gena/gena_device.c. I first discovered this vulnerability when working with version 1.6.19 and have confirmed that it also exists in the latest code on the master branch.'
(asciilifeform) dulapbot: (trilema) 2017-03-14 asciilifeform: Framedragger: in the old #bitcoin-assets days, there was a bot, that idled under (afaik still unknown) names, and would target ddostron (used vulnerable konsoomer router 'upnp' for udp amplification) at anyone who logged in without using fleanode's 'cloak' feature (i.e. had visible ip).
(trilema) asciilifeform: 125.227.247.104 ( and bunch of boxes ) have world-writable upnp (ddostron)
(trilema) asciilifeform: Framedragger: in the old #bitcoin-assets days, there was a bot, that idled under (afaik still unknown) names, and would target ddostron (used vulnerable konsoomer router 'upnp' for udp amplification) at anyone who logged in without using fleanode's 'cloak' feature (i.e. had visible ip).
(trilema) BingoBoingo: lol GNOME GuPNP is a thing
(trilema) asciilifeform: phf: i have one for upnp removal but it is pre-v
(trilema) asciilifeform: this ain't the first upnpism either
(trilema) asciilifeform: (upnp) 'There is a heap buffer overflow vulnerability in the create_url_list function in upnp/src/gena/gena_device.c. I first discovered this vulnerability when working with version 1.6.19 and have confirmed that it also exists in the latest code on the master branch.'
(trilema) asciilifeform: #6619 4862708 depends: bump miniupnpc and ccache << apparently upnp is still in the mix
(trilema) ascii_butugychag: there was a time when alu worked the way upnp 'works'
(trilema) asciilifeform: trinque: this is reminiscent of the thread concerining upnp.
(trilema) assbot: Logged on 25-10-2014 23:34:30; ben_vulpes: asciilifeform: http://cascadianhacker.com/rm_rf_upnp.tar.gz << i believe this excises all upnp mentions. my build hops on the network and downloads blocks.
(trilema) thestringpuller: foundation's client has removed miniupnp?
(trilema) BingoBoingo: "MiniUPnP Internet Gateway Device Protocol XML Parser Buffer Overflow"
(trilema) assbot: Standalone BitTorrent BT Client + UPNP USB/NAS/FTP/SAMBA/Printer Sharing Network LAN Server - Free Shipping - DealExtreme ... ( http://bit.ly/1MbeaqQ )
(trilema) decimation: upnp hardly works anywhere
(trilema) asciilifeform: decimation: no upnp in starbucks
(trilema) ascii_field: bad enough that this thing will need upnp
(trilema) jurov: ^ i see rm_rf_upnp there
(trilema) assbot: Logged on 08-12-2014 17:59:30; asciilifeform: incidentally, if anyone bothered to read the packet dump i posted a while ago, they should know that the ddos bot uses misconfigured consumer routers (upnp reflection)
(trilema) asciilifeform: unrelated, someone needs to take ben_vulpes's rm_rf_upnp patch and turn that into a separate executable that does upnp.
(trilema) asciilifeform: because it needs to know when it must attempt upnp and when not
(trilema) asciilifeform: incidentally, the upnp demon will need to be thrown in
(trilema) nubbins`: QT support, upnp, etc
(trilema) asciilifeform: that upnp will have to be grudgingly brought back, if only as a separate process
(trilema) asciilifeform: we're probably stuck bringing back upnp regardless
(trilema) asciilifeform: dhcp also means we have to bring back upnp
(trilema) mod6: which will be: v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4, 6, 7, 8 (static-makefile) } + modified poratronic build script & release notes.
(trilema) fuddos: and it appears to block nearly all of the upnp spam
(trilema) mod6: v0.5.3 base + patches { 1, rm_rf_upnp, 2, 3, 4, 6 & 7 } + openssl 1.0.1g with a modified portotronic build script - all statically linked libs
(trilema) mod6: and recently, TomServo was able to fully sync the blockchain with config: v0.5.3 + patches + { 1, rm_rf_upnp, 2, 3, 4, 6 & 7 } AND with openssl v0.9.8o
(trilema) mod6: well, remember, I've personally gotten past that block probably a dozen times with openssl 0.9.8o with config: v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4, & 6 }
(trilema) mod6: A static build on debian 6 + v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4, 6 & 7 } + openssl v1.0.1g failed: http://pastebin.com/raw.php?i=P0Yt9c2U
(trilema) mod6: more good news. my AWS instance achieved full sync just now with the following config: v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4, 6 & 7 } & openssl version 1.0.1g : http://pastebin.com/raw.php?i=VVz5j1dW
(trilema) mod6: well, the really strange thing is that it totally isnt consistant. just as recently as the 26th of January I completed full sync with v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4, & 6 } and openssl v0.9.8o
(trilema) mod6: ok was able to pass 168,001 on my aws instance with configuration: openssl 1.0.1g + v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4, 6 & 7 } : http://pastebin.com/raw.php?i=aBLX9YVy
(trilema) mod6: yeah, i mean, as recently as the 26th of january I was able to full sync and send/receive with: v053+patches { 1, rm_rf_upnp, 2, 3, 4, & 6 } and other people have gotten past it as well. so its not consistant as far as I can tell.
(trilema) phillipsjk: er UDP *fragment* flood. (The UPNP shit was UDP too)
(trilema) phillipsjk: here is the first minute or so of UPnP crap: (64MIB) http://phillipsjk.ca/images/Jan_28_2015_DDOS_10Mbit.pcap
(trilema) mod6: for the record, its: v0.5.3 + patches { 1, rm_rf_upnp, 2, 3, 4 & 6 }
(trilema) asciilifeform: we have at least two posted by regulars - one that was entirely ssdp (from buggy upnp in consumer routers) and another that was mostly ntp (likewise misconfigured embedded electronics)
(trilema) mod6: and TomServo was able to run with the following config and just achieved full sync: v0.5.3 + {1, rm_rf_upnp, 2, 3, 4, 6, 7}
(trilema) mod6: but, its weird, because a week ago i ran a full sync of: v0.5.3 + {1, rm_rf_upnp, 2, 3, 4, 6} and sync'd just fine, as you can see in the matrix notes (was able to send/receive here: http://pastebin.com/raw.php?i=FSA9gxs8)
(trilema) mod6: also, v0.5.3. + patches {1, rm_rf_upnp, 2, 3, 4, 6 & 7} (which includes the version update)
(trilema) mod6: we're interested to see if anyone running: v0.5.3 + patches {1, rm_rf_upnp, 2, 3, 4, & 6 (db_config) } runs into the same issues.
(trilema) asciilifeform: jurov: you know, upnp can run as a separate daemon
(trilema) jurov: if i do, then i'll add upnp anyway. just fyi.
(trilema) asciilifeform: jurov: if they're plugged into home routers then we need upnp then << why????!? every home router ever made, even utter garbage, lets user open ports the normal way
(trilema) jurov: the upnpnp deamon, i mean
(trilema) jurov: btw, are the pogosticks supposed to accept outside connections? if they're plugged into home routers then we need upnp then
(trilema) TomServo: danielpbarron: as I understand, with upnp being clipped IRC was the remaining node discovery mechanism
(trilema) mircea_popescu: it is the fault of the people running servers that they implemented upnp instead of beating the people with the reports, sure. however, beatings suffer from a disaster of commons type of problem : they are valuabler and expensive, but the beneficiaries resist them afore, even if they appreciate them after.
(trilema) mircea_popescu: phillipsjk: The users installing those routers probably don't even play with computer networks as a hobby. It is the manufacturers, not the end-users' fault that UPnP is exposed to the Internet. <<< ther atrocity known as unpnp exists in the first place because people who do not know how to use computers wish nevertheless to use computers, and then complain to people running servers that "doesn't work".
(trilema) phillipsjk: Exposing UPnP to the internet defies all common sense. Add to that, many of the Pwnt routers appear to be in China, I am going to call it a deliberate back-door on the part of the manufacturer.
(trilema) phillipsjk: The users installing those routers probably don't even play with computer networks as a hobby. It is the manufacturers, not the end-users' fault that UPnP is exposed to the Internet.
(trilema) asciilifeform: recall that we snipped upnp.
(trilema) mod6: basically; patches include so far, your patches, ben's rm UPNP & the bdb config update patches.
(trilema) mod6: cool. in this case, im running v0.5.3[base]+patches{1,rm_rf_upnp,2,3,4,6(db_config),unreleased-version-update-patch}
(trilema) mod6: This month I've been doing testing with the patched version of the reference implementation. Main object here is to get from genesis block to current block, while being able to get past the wedge block 252450. I was able to do that, but not only did we test with ascii's patches and ben's UPNP patch, I added a patch (http://dpaste.com/1G3XY64) that removes the checkpoints, and a patch (http://dpaste.com/1K5M2TN) to configure BDB so the R.I. won't
(trilema) asciilifeform: incidentally, if anyone bothered to read the packet dump i posted a while ago, they should know that the ddos bot uses misconfigured consumer routers (upnp reflection)
(trilema) assbot: f9beb4d9 #12: SUCCESS (stable); Comment: ben vulpes' rm_rf_upnp patch
(trilema) decimation: asciilifeform: I found your ip flood amusing - all upnp hilarity
(trilema) ben_vulpes: not rm_rf_upnp you aren't
(trilema) mod6: asciilifeform: are you the author of these patches? : rm_rf_upnp.tar.gz https-snipsnip.tar.gz turdmeister-alert-snip.tar.gz goodbye-win32.tar.gz ?
(trilema) ben_vulpes: <jurov> http://explo.yt/post/2014/10/29/some-dangerous-idea << my braindump about turdatron << UPNP was me, jurov
(trilema) mircea_popescu: ben_vulpes: i believe this excises all upnp mentions. my build hops on the network and downloads blocks. <<< yay wd.
(trilema) ben_vulpes: does UPNP removal count as a cosmetic change?
(trilema) asciilifeform: (assuming you had upnp disabled in flags before)
(trilema) ben_vulpes: asciilifeform: http://cascadianhacker.com/rm_rf_upnp.tar.gz << i believe this excises all upnp mentions. my build hops on the network and downloads blocks.
(trilema) asciilifeform: ben_vulpes: there's a whole lot more upnp in there
(trilema) ben_vulpes: asciilifeform: http://cascadianhacker.com/rm_rf_upnp.tar.gz << am i doing it correctly?
(trilema) ben_vulpes: wrote my own patch ripping out upnp dependency, build is now taking forever.
(trilema) asciilifeform: decimation: 0.5.3 UPNP - it's condemned to die, if that weren't obvious
(trilema) assbot: Millions of devices vulnerable via UPnP - Update - The H Security: News and Features
(trilema) decimation: yeah here's the bitcoin dependency: http://miniupnp.free.fr/
(trilema) assbot: MiniUPnP Project HomePage
(trilema) mircea_popescu: there's linux upnp ?!
(trilema) decimation: the most hilarious dependency (even on ascii's 0.5.3): UPNP
(trilema) mod6: there was 2 very minor changes to your sed command in there that PinkPosixPXE helped me with. needs to be: sed -i 's/USE_UPNP:=0/USE_UPNP=/1'
(trilema) ben_vulpes: updated with a blank assignation for UPNP: https://www.refheap.com/92126
(trilema) Apocalyptic: <ben_vulpes> so forgive my c makefile naivte, but is there a difference between an USE_UPNP= and just not declaring the variable? // that i do not know, not a bash specialist
(trilema) ben_vulpes: so forgive my c makefile naivte, but is there a difference between an USE_UPNP= and just not declaring the variable?
(trilema) Apocalyptic: anyway use "USE_UPNP=" to build without it
(trilema) ben_vulpes: Apocalyptic: i'm reading in doc/build-unix.txt that the options are USE_UPNP=, USE_UPNP=0 and USE_UPNP=1
(trilema) ben_vulpes: Apocalyptic: do let me know if there's a good reason to keep UPNP in there.
(trilema) ben_vulpes: rips out UPNP support.
(trilema) Apocalyptic: regarding: "20 sed -i '/USE_UPNP:=0/d' ./makefile.unix", why not USE_UPNP:=- ?
(trilema) jurov: ben_vulpes: you really ned upnp? just axe it in da makefile
(trilema) assbot: MiniUPnP download zone
(trilema) ben_vulpes: it would be expedient to download miniupnpc 1.6 from http://miniupnp.free.fr/files/ but what do to prevent mitm of that source?
(trilema) ben_vulpes: am i reading this (https://packages.debian.org/squeeze-backports/miniupnpc) correctly? debian backports only has miniupnpc-1.5?
Download hourly DB snapshot | Get Source Code