[KLUG Advocacy] OT: uPNP
Mike Williams
knightperson at zuzax.com
Sun Apr 17 23:34:12 EDT 2005

Going off-topic here, but I'll be back by the end of the message. I've
always thought the idea of Microsoft's uPNP (Universal Plug-N-Play) was
a bad idea. As I understand it, it's a way for a machine behind a NAT
router or firewall to request that the firewall open a port for it on
the fly. So an obscure port number could be routed through without
calling the administrator of the firewall to change it. Of course, this
means that a virus could dump a DDOS worm on your machine, and the worm
could unlock the firewall so it could get out, even though the
administrator set up the rules sensibly in the first place (with the
exception of allowing uPNP, of course). I now have to admit that
there's one use for it that's pretty cool. If you use Internet
Connection Sharing on a Windows XP (or 2000, I assume) machine to share
a dial-up connection, the gateway machine advertises the connection
through upnp and a client behind it can control when the modem dials and
hangs up. This is awfully nice if the modem is on a shared phone line,
because it's very hard to explain to the computer when to autodial, when
to hang up, and when to just stay out of the way.

Here's where I go back on topic: Does anybody know how proprietary this
trick is, and whether the gateway machine could do the same under Linux
as it does under XP? I know Linux makes a great firewall / gateway /
NAT router thing for a persistent connection, but how about remote
control of the modem? I know you could shell in and dial that way and
such, but that's allowing way too many options for computer-illiterate
users to screw something up.