* Matthew Toseland <toad at amphibian.dyndns.org> [2006-04-26 00:27:26]:
> Hmm, not good.. could you keep us informed of the results of the thread? > > On Wed, Apr 26, 2006 at 12:13:02AM +0100, Michael Rogers wrote: > > -----BEGIN PGP SIGNED MESSAGE----- > > Hash: SHA1 > > > > This thread on p2p-hackers might be of interest... > > > > Alex Pankratov wrote: > > > We've recently added UPnP support to our client software and > > > now I got some server-side stats and they are most interesting. > > > > > > Check this out - > > > > > > Roughly a half of all clients that reported success talking to > > > their 'routers' and establishing TCP/UDP port mappings were > > > still inaccessible from an outside via their mapped ports. > > > > > > Our UPnP code is written from scratch, so if the client says that > > > ports are mapped, there was in fact a 200 response for respective > > > SOAP request from the router. > > > > > > I was expecting some degree of failures due to double NAT'ing, > > > additional firewalling, etc .. but 50% ? > > > > > > Anyone care to comment or compare this to their own numbers ? > > > > > > Alex http://wiki.openwrt.org/OpenWrtDocs/upnp seems to confirm that it's not as universal as the name says ;) " Belkin and some other vendors have added "Denial of Service" (DoS) protection to their firewall software, and MSN Messenger audio conversations just happen to be detected as a "UDP flood" attack, which makes the firewall block the connection. The Belkin 7230 router is a problem because it has only 2MB of flash (not enough to run OpenWRT) and yet has DoS protection. The Belkin 7630 also has the problem but the DoS features can be deactivated via a hidden webpage. " NextGen$
