What is UPnP – Should You Enable It?
The internet is a global network of devices communicating with each other via servers and gateways. From public networks to private networks, communication happens reliably and instantaneously. UPnP is a protocol that enables an external network to send data to a device sitting behind a firewall on a local network.
But UPnP is not without its downsides. In fact, many security experts conclude that its vulnerability outweighs the convenience it provides. We’ll look into how UPnP works and why it exposes you to risk.
UPnP stands for Universal Plug and Play. You are likely to have heard the term. USB devices are examples of plug-and-play devices that automatically detect other such connected devices and position them to an ever-ready state to begin communication when triggered. It does not require a setup; it simply works because the protocol is a standard that devices of different architectures follow.
How UPnP Works
To understand how UPnP enables convenient communication, you have to understand the difference between private (LAN) and public (WAN) networks. They are also known as internal and external networks, respectively, in that context.
The devices that connect through the router at your home or work form a local network. An IP address is assigned to each device that serves as a unique identifier. But they use a different IP address to communicate with an external network, one that is assigned by the ISP, which is your gateway to the internet.
In addition to an IP address, the device must reveal what port it wants to use. Applications use different ports on the router to communicate with web servers. There are between 1-65535 ports available to use.
UPnP gives programs the trust they need to trigger ports on their own, more commonly known as port forwarding. So, instead of manually configure ports in the router, the applications can open a port in the router and receive incoming requests by bypassing the firewall.
Why UPnP is Considered a Risk
UPnP is designed to provide convenience by letting the applications decide what ports they want to use, instead of the user manually forwarding each. It treats the applications on your device as ‘trustworthy’. What happens when malware on your device triggers remote access? A hacker can bypass the firewall and remotely access the device or discover devices on your network.
If you have IoT devices in the home, UPnP allows you to remotely access and interact with them. A common example is accessing the security camera on your doorstep while you are at work. But it’s a double-edged sword; UPnP can give intruders access to your network and devices.
You might remember Adobe Flash technology that helped create beautifully interactive webpages and enabled playing games in the web browser. The exploit discovered in 2008 took advantage of UPnP and requests ports to be forwarded in the router. It also used a vulnerability to change DNS settings of your router. Altering DNS can route you to malicious domains. But that’s not all, it could even change your Wi-Fi password, all through a simple UPnP request.
Such attacks using UPnP are possible because it does not feature authentication, hence does not verify the legitimacy of inbound requests. Authentication is important today. It’s how TLS handshake verifies the identity of the web server before the exchange of data.
Online gaming is one area where UPnP is popular. Online gaming services use various ports, and they may be different for each game. In a P2P scenario where one player is hosting the match, UPnP will allow other players to join the session. But it also opens up the potential for a DDoS attack by someone who now knows your IP address.
UPnP is regarded as unsafe. The fact that it allows incoming requests to get through the firewall opens up quite a few imaginable threatening scenarios.
It may be a tall order but manually forwarding ports based on the applications that you and use and trust are safe. Not everyone is savvy enough to get around the router’s settings, but several tutorials on the web effectively demonstrate how to port forward in the router step by step.
How to Disable UPnP
UPnP setting is located in your router. Go to your router’s admin panel. You can find the address, also known as the Default Gateway, on the router itself or in the manual. Use a web browser and the credentials to enter the admin settings. Then, navigate to the UPnP menu or Port Forwarding/Port Triggering. The option to disable/enable UPnP should be there.
The Port Forwarding/Port Triggering menu is where you can manually open ports. First, an IP address needs to be assigned to your device. DHCP randomly assigns an IP address to every connected device. The router needs a static IP address to deliver inbound requests to that particular device reliably.
Technologies like UPnP offer convenience but can also be the hole in the ship named privacy and security. It is the best approach to be UPnP disabled and manually open ports for applications that require it. Unless you are someone playing online games or trying to access your network remotely, UPnP has little to offer you.
Start Browsing Privately!
iProVPN encrypts your data for protection against hackers and surveillance. Unblock your favorite streaming platforms instantly with the best VPN for streaming.