Misconfigured Networks Vulnerable to PewDiePie Prank


Show first post

41 replies

Yet.
BCM wrote:

Yet.


With SMBv1 enabled at that time, I wasn't even exposed to the 'Wannacry' attacks back then. I suppose that's due to the router's built-in firewall doing its job.
Userlevel 4
Badge +19
UPnP is used for two things here: the first is the way Sonos devices communicate with each other. It is absolutely required. The "dangerous" UPnP is when routers allow their configurations to be changed via UPnP, to open ports in particular. Devices such as Xbox like to do this in order to produce "open nats" for better multi-player, and security NVR systems use it to allow you to view your videos from the internet at large. However allowing any device on your local network to control your router is hazardous, and I would recommend everyone disable that UPnP feature.
controlav wrote:

UPnP is used for two things here: the first is the way Sonos devices communicate with each other. It is absolutely required. The "dangerous" UPnP is when routers allow their configurations to be changed via UPnP, to open ports in particular. Devices such as Xbox like to do this in order to produce "open nats" for better multi-player, and security NVR systems use it to allow you to view your videos from the internet at large. However allowing any device on your local network to control your router is hazardous, and I would recommend everyone disable that UPnP feature.


As I said, Sonos didn't work properly until I've enabled UPnP in the router; that was back in 2013. So what to do in such case? On the other hand I am neither a gamer nor do I own a CCTV system.
Badge +3
Comcast leverages all their comcast modems to provide XFINITY wifi. In other words, if you have comcast then you are subsidizing their XFINITY wifi network by providing free bandwidth through your wifi. Of course they make more money off of XFINITY which is a separate and distinct service from the regular comcast package. How they covertly enable XFINITY through the modem/router/wap is unclear . I wonder how many of these hacked sonoses were on comcast's ISP
Userlevel 6
Badge +16
bwana wrote:

Comcast leverages all their comcast modems to provide XFINITY wifi. In other words, if you have comcast then you are subsidizing their XFINITY wifi network by providing free bandwidth through your wifi. Of course they make more money off of XFINITY which is a separate and distinct service from the regular comcast package. How they covertly enable XFINITY through the modem/router/wap is unclear . I wonder how many of these hacked sonoses were on comcast's ISP


Virgin Media in the UK does something similar with its cable network. In Virgin's case, the bandwidth does not come out of the subscriber's bandwidth allowance (they reserve an extra 20Mb/s), and the network access provided is entirely separate from the internal domestic network -- as it should be. It's also optional.

I think it's highly unlikely that the XFINITY service has been exploited for these attacks.
Userlevel 7
Badge +21
bwana wrote:

Comcast leverages all their comcast modems to provide XFINITY wifi. In other words, if you have comcast then you are subsidizing their XFINITY wifi network by providing free bandwidth through your wifi. Of course they make more money off of XFINITY which is a separate and distinct service from the regular comcast package. How they covertly enable XFINITY through the modem/router/wap is unclear . I wonder how many of these hacked sonoses were on comcast's ISP


Which is why I use a modem and separate router on my Xfinity connection, rather than a combination device. I don't want to subsidize their hotspot network (enough of my neighbors do already) and I want full control of my router/firewall.

The XFINITY hotspot network has nothing to do with this Sonos issue. Sonos devices can't even use it because of the username/password login that is required. But for more info, that network is completely separate from your own network. It uses a separate service code over Comcast's network, separate bandwidth from your own service, and a separate IP address range too.
Userlevel 7
Badge +20
Smilja wrote:

As I said, Sonos didn't work properly until I've enabled UPnP in the router; that was back in 2013. So what to do in such case? On the other hand I am neither a gamer nor do I own a CCTV system.



I'd try turning it off and see if your Sonos still works, if it does leave it off. If it doesn't submit a diagnostic and contact Sonos support for assistance in getting things working properly.
Stanley_4 wrote:

I'd try turning it off and see if your Sonos still works, if it does leave it off. If it doesn't submit a diagnostic and contact Sonos support for assistance in getting things working properly.


Thanks, Stanley, but I have no problems with the Sonos system and I don't mind leaving UPnP turned on. I try to keep everything up-to-date and I believe that that is a dependable precautionary measure.
Airgetlam wrote:

Or technically, Sonos. I think it's incredibly kind of them to take on the onus of helping you fix your system, as was offered in the post by Ryan S above.






When a person states that they have a router in use other than the one issued by the ISP this "usually" means that the router in use set up by a "tech" person and in general most routers no matter the brand come out of the box with no "open" ports until they are set up to be open through CLI or GUI, so Sonos is NOT doing anything to help by blaming other products. It is the backbone of the API of Sonos that is causing this.
I'm confused. You say the router is misconfigured by someone, and yet you are blaming Sonos, who doesn't do any router configuration.
Airgetlam wrote:

I'm confused. You say the router is misconfigured by someone, and yet you are blaming Sonos, who doesn't do any router configuration.



You're confused because you're not paying attention, I never said it was misconfigured, I said even if a "tech" set up a personal (Other than ISP) router the ports on routers (unless the routers themselves are P.O.S's, which can be the case) by default are all closed unless the "tech" opens them through CLI or GUI,UPnP systems are designed with "special" circumstances, Sonos has a backdoor into all of their players through their API, this has been exploited...Sonos is just as confused by this as you are.
Userlevel 6
Badge +16
Sonos is the onus wrote:

You're confused because you're not paying attention, I never said it was misconfigured, I said even if a "tech" set up a personal (Other than ISP) router the ports on routers (unless the routers themselves are P.O.S's, which can be the case) by default are all closed unless the "tech" opens them through CLI or GUI,UPnP systems are designed with "special" circumstances, Sonos has a backdoor into all of their players through their API, this has been exploited...Sonos is just as confused by this as you are.


I'm not surprised that @Airgetlam is confused. You seem to be saying -- in a very confusing manner -- that Sonos devices somehow configure routers to open up UPnP or API access to the open Internet. This is categorically not the case.
pwt wrote:

Sonos is the onus wrote:

You're confused because you're not paying attention, I never said it was misconfigured, I said even if a "tech" set up a personal (Other than ISP) router the ports on routers (unless the routers themselves are P.O.S's, which can be the case) by default are all closed unless the "tech" opens them through CLI or GUI,UPnP systems are designed with "special" circumstances, Sonos has a backdoor into all of their players through their API, this has been exploited...Sonos is just as confused by this as you are.


I'm not surprised that @Airgetlam is confused. You seem to be saying -- in a very confusing manner -- that Sonos devices somehow configure routers to open up UPnP or API access to the open Internet. This is categorically not the case.



You guys seem to have comprehension issues, here we go: What I said was the UPnP or API of Sonos has a vulnerability that is being exploited, where did you ever see that I said Sonos configured anything???? Let me say it again, just in case you aren't understanding me, S-O-N-O-S has a vulnerability that has been exposed and it is in their API or UPnP and this exposure appears to be linked to crappy routers with weak UPnP protocols.
Userlevel 4
Badge +19
Sonos is the onus wrote:

Let me say it again, just in case you aren't understanding me, S-O-N-O-S has a vulnerability that has been exposed and it is in their API or UPnP and this exposure appears to be linked to crappy routers with weak UPnP protocols.



Where is this "Sonos vulnerability" of which you speak? 95% of its features are through UPnP APIs, as are many other devices. There is no vulnerability there. Any device API becomes vulnerable when users somehow configure their routers to expose their home networks to the internet at large. Its like leaving your front door open, then complaining when someone walks in that front door and runs off with your "vulnerable" TV.
controlav wrote:

Sonos is the onus wrote:

Let me say it again, just in case you aren't understanding me, S-O-N-O-S has a vulnerability that has been exposed and it is in their API or UPnP and this exposure appears to be linked to crappy routers with weak UPnP protocols.



Where is this "Sonos vulnerability" of which you speak? 95% of its features are through UPnP APIs, as are many other devices. There is no vulnerability there. Any device API becomes vulnerable when users somehow configure their routers to expose their home networks to the internet at large. Its like leaving your front door open, then complaining when someone walks in that front door and runs off with your "vulnerable" TV.

I agree and there is no point anyone blaming things like a 'crappy router' etc. Network security is (and always will be) down to the network owner/administrator. There are plenty of things on the market to help keep a LAN secure. Sonos cannot be held to account for other people’s own failures. The Sonos devices are designed to run on a 'secure' network, not one which has vulnerabilities, nor one that is incorrectly configured by its owner.

I have still not seen any such report that a Sonos System is now vulnerable on a correctly secured network.

Reply

    • :D
    • :?
    • :cool:
    • :S
    • :(
    • :@
    • :$
    • :8
    • :)
    • :P
    • ;)

    Cookie policy

    We use cookies to enhance and personalize your experience. If you accept you agree to our full cookie policy. Learn more about our cookies.

    Accept cookies Cookie settings