• October 11, 2024, 11:40:17 PM
  • Welcome, Guest
Please login or register.

Login with username, password and session length
Advanced search  

News:

This Forum Beta is ONLY for registered owners of D-Link products in the USA for which we have created boards at this time.

Author Topic: Gibson Research Shields Up Test Tool  (Read 6226 times)

FurryNutz

  • Poweruser
  •   ▲
    ▲ ▲
  • *****
  • Posts: 49923
  • D-Link Global Forum Moderator
    • Router Troubleshooting
Gibson Research Shields Up Test Tool
« on: May 20, 2017, 09:46:10 AM »

https://www.grc.com

Check your setup for UPNP vulnerability.  Run the above test. Select the top menu item under Services call Shields UP.

Select Proceed from the next screen. Let the test run. Only takes a few seconds.
The results will be posted with further information. '

Actual test results when passing will look like this:
Universal Plug n'Play (UPnP)
Internet Exposure Test
This Internet probe sends up to ten (10) UPnP Simple Service Discovery Protocol (SSDP) M-SEARCH UDP packets, one every half-second, to our visitor's current IPv4 address (Your WAN IP address) in an attempt to solicit a response from any publicly exposed and listening UPnP SSDP service. The UPnP protocols were never designed to be exposed to the public Internet, and any Internet-facing equipment which does so should be considered defective, insecure, and unusable. Any such equipment should be disconnected immediately.

Your equipment at IP:

Is now being queried:

THE EQUIPMENT AT THE TARGET IP ADDRESS DID NOT RESPOND TO OUR UPnP PROBES!
(That's good news!)

There is no question whether hackers are, in fact, currently sweeping the Internet for the presence of exposed and vulnerable consumer Internet routers in order to gain access to the private networks residing behind them. Just such hacking packets are now being detected across the Internet. Scanning is underway and the threat is real.
Whenever changes are made to your network configuration, whenever you update your router's firmware, and also from time to time just to be sure, you should consider re-running this quick test to confirm that your Internet-facing equipment is continuing to ignore all attempts at its subversion though the Universal Plug n'Play (UPnP) protocols.
Positive results seen
This page has reported 52154 positive “exposed” results.
The count is incremented only once per router IP address, regardless of the number of times the test is performed on an exposed router. Although we do not log the IP addresses of the results, we maintain an “MRU” (most recently used) list in RAM to prevent multiple counts per router.
What results are possible?
It's natural to wonder what other results might have been shown if your Internet equipment were different. So to satisfy that curiosity, here are three sample screens showing each of this test's three possible outcomes:   
A sample “Exposed” result
A sample “Rejected” result
A sample “No Response” result
Logged
Cable: 1Gb/50Mb>NetGear CM1200>DIR-882>HP 24pt Gb Switch. COVR-1202/2202/3902,DIR-2660/80,3xDGL-4500s,DIR-LX1870,857,835,827,815,890L,880L,868L,836L,810L,685,657,3x655s,645,628,601,DNR-202L,DNS-345,DCS-933L,936L,960L and 8000LH.