Technology in the computer age has been plagued by insecure features, security vulnerabilities, and general oversights in software architecture. Flash drives can carry keyloggers. Browsers may have backdoors. Windows still has to continuously update security fixes. The good always goes hand in hand with the bad and there is still no end to this problem.
Universal Plug and Play (UPnP) is a technological advancement, which comes with its drawbacks. It's a convenient technology, but that convenience can make the system susceptible to certain problems, if you don't keep an eye on it. Read the following article to learn what UPnP is and how it can jeopardize your online safety.
What is Universal Plug and Play?
Technically, UPnP is a network protocol (or actually a set of network protocols). These protocols outline a specific method of communication that any type of device can use to instantly communicate with each other on the network. In almost all cases, UPnP is used by devices to discover other devices on that particular network. UPnP is very popular today and it would be surprising if you have never used it.
If you're still confused about what UPnP is, try to imagine a printer. The first step is to physically connect the printer to the network (although these days this can be done via WiFi). Previously, you had to manually search for and set up other devices on the network to find that printer. Today, it happens automatically thanks to UPnP.
Once connected, devices on the network can continue to communicate with each other by sending and receiving data. The computer can tell the printer to print the document. Media centers can transmit audio data. Mobile devices can automatically connect to the computer. The possibilities are endless.
The term “plug and play” is becoming more and more popular. You plug in the device and can start using it immediately without having to go through the “nightmare” of setup and configuration. UPnP is one of the most convenient network technologies today. UPnP is mainly used on residential networks instead of business networks.
The dangers of UPnP
UPnP has been criticized over the past decade for a number of security flaws. Previously, the FBI recommended users disable their UPnP settings to minimize risk damage. This happened again, although the specific vulnerability this time was different from the previous one.
What exactly is the problem with UPnP? There are two main vulnerabilities that have been attacked recently:
- Programming errors – There are errors in the actual code that make the UPnP implementation exploitable by bad actors, allowing them to execute malicious code through injection.
- Unintended visibility – The purpose of UPnP is to make devices on a network easily discoverable by other devices on that network. Unfortunately, some UPnP control interfaces can be exposed to the public Internet, allowing bad guys to find and access your private devices.
The US Department of Homeland Security had to recommend that all users disable this protocol, due to these security vulnerabilities. The vulnerabilities have left about 40 million devices around the world vulnerable to hackers. A disturbing truth.
However, don't panic! There is a “consolation” to all of this. These bugs mainly affect older devices, but they can even be patched without having to buy new hardware.
Most UPnP implementations use an open source solution called lilupnp. Technically, any device using a lilupnp version before 1.6.18 will be vulnerable to this threat. However, since most manufacturers will not disclose that information to the common user. You will have to wait until your device manufacturer releases an update that addresses these issues. Until those patches appear, you can completely prevent the problem by disabling UPnP on all your devices.
There are many devices that use UPnP and countless manufacturers for each type of device, so Quantrimang.com It's impossible to include disabling instructions for all of them here, so you should run a Google search for your device and include the phrase “disable UPnP” in the search query.
As far as security vulnerabilities go, this is one of the easier problems to solve. You will have to wait for fixes, avoid using the Internet or reboot into Safe Mode and purge the problematic system. For this problem, all you have to do is disable the UPnP feature and you will be safe for a long time.
Is UPnP attack practical?
It sounds scary, but how likely are you to encounter an attack via UPnP?
If your router is good, it will not have UPnP over WAN, which eliminates the possibility of remote intrusion by hackers using this technology. You will be vulnerable to attacks via LAN (Local Area Network – local network in your home), where one device is infected with malware and spreads throughout the network.
However, if you keep your device safe from malware, browse the web safely, and install one of the best antivirus programs, then chances are you can trust that your device will not spread viruses. If you want to be sure, you can turn off UPnP on your router.
What happens if you turn off UPnP?
If you turn off UPnP, the router will no longer automatically manage ports for each device connected to your router. This means you will need to manually forward ports so they can communicate with each other.
Therefore, you will need to make a decision. Do you like the convenience of UPnP, which allows you to easily connect devices to your LAN? Or are you worried about someone using those channels to cause damage and steal data? If you like convenience, use UPnP and keep your devices safe; if you like security, handle port forwarding manually so they don't get exploited.
How to disable UPnP
If you decide to remove UPnP, you will need to access your router. You'll do this often because you need to access it again every time you need to forward a new port (i.e. when you connect a new device to your network).
Quantrimang.com mentioned disabling UPnP in article 8 steps to increase security for wireless routers, so remember to check if you want to maximize the security of your router.
UPnP is a useful feature, but cybercriminals can exploit it. While you can disable this feature and perform manual port forwarding, some people may never experience a UPnP attack due to good browsing habits and solid security. Therefore, you should consider both reasons when deciding whether to keep UPnP enabled or not.
