Should I set UPnP to on or off in a router?
With home network and connectivity at its peak, it’s very important to ensure that the network is always secure. Universal Plug and Play, also known as UPnP, poses a threat to home networks and should always be off. In the guide below, we’ll tell you why it should be off and the threats it poses to your network.
Universal Plug and Play or UPnP is a software protocol that was first developed in 2008 to deal with the problem of configuration and setup of local area networks. Since not many people are tech savvy, many home owners found it difficult to setup local area networks in their home especially where multiple devices are involved. Setting up all these devices to communicate with each other is a challenge for anyone and hence, UPnP was developed.
Now that you know what UPnP is, should UPnP be on or off in a router? It should always be off. UPnP poses a huge security threat to the network since it allows external connections from outside of the network. Attackers may use this to get into your network and access sensitive information. Because of this, always ensure UPnP is off.
Table of Contents
How does UPnP work?
Think of your router as the only entry point for your network. Through therouter, devices can connect to the internet. Furthermore, the router is protected by firewall, meaning that external connections (from the internet) cannot get into your LAN. Howeverif the UPnP is on, the firewall is overruled and you router will be open to external connections, even harmful ones. This is because the UPnP automatically forwards ports to save you the hassle of forwarding manually.
Using UPnP, there is no identification needed from even harmful websites and malicious people such as hackers. The router will always be receiving a command from say, your computer, whether virus infected or not and allowing connection to be established. The virus or malware then allows other harmful programs through your router infecting the whole network. Unfortunately, UPnP is always on by default in many new routers and you have to take an extra step to turn it off. Even the FBI and other security experts recommend you switch off the UPnP.
What is the difference between UPnP and PnP?
UPnP |
PnP |
Usesport forwarding |
Uses port triggering |
Uses static IP |
Uses dynamic IP |
Always chooses the ports that are constantly availables |
Ports only open when triggered |
IP addresses need to be specified |
IP addresses are identified automatically |
Considered a high risk for networksecurity |
Secure network |
Risks associated with turning on UPnP
Malware attacks
Just like legitimate programs, malware, viruses and Trojan horses can enter your local home network through UPnP.A router usually blocks incoming connections but with UPnP switched on, malicious programs can completely bypass the router firewall. This can pose great risk both to your security and privacy. When a Trojan horse or malware enters, it creates a hole in your firewall that allows it to access the devices in your networks from the internet. So if you’re still wondering if leaving UPnP on is good idea, it is certainly a problem.
Flash UPnP attacks
An important thing to note with UPnP is that it does not require any authentication or permissions from you, the user.Routers by default come with UPnP on thereforeyou may never know that it’s on. A flash UPnP attack was first discovered in 2008. It is a uniquely created Flash applet in your web browser that sends UPnP request to your router and forwards it to ports. For instance, an applet asks the router to forward a port X to your computer and by doing this, exposes the port to the internet. Attackers such as hackers usually exploit this vulnerability. Since Flash applets have the ability to change your primary DNS server using UPnP requests, port forwarding will be the least of your worries. When the primary DNS is changed to harmful DNS server, the malicious server can redirect traffic to other websites. You may be wondering what this means. For example, you may type in twitter.com on your browser’s address bar, but twitter.com may be redirected to point or ping to an entirely different website – a malicious one. The main issue with a flash attack is that it is difficult to detect and also difficult to fix.
Poor UPnP implementation
Most of the routers we use do not check input well. This means that a malicious program may force the router to redirect traffic to remote addresses on the internet rather than local IP addresses. The router wouldn’t have much of a choice here. It gets worse if the router if based on Linux because these programs would manipulate UPnP to run commands.
How to deal with UPnP risks?
Turn off UPnP
The short and most obvious answer to this question is to simply turn UPnP off. Every modern router has the option to turn this setting off. By turning the Universal Plug and Play off, your router is able to ignore all requests from devices on your home network keeping your connection secure and private.It also blocks all incoming remote access from the internet.
Limit access through manual configuration
If you don’t want to completely turn off UPnP, another solution is to manually configure your router like people did before UPnP was invented. All router still have this manual configuration although it varies depending on the type and brand. Manual configuration involves identifying which devices need remote access and manually providing the devices with permissions. This is also referred to as ‘port forwarding’. It is done using the IP addresses of the said devices.
Port forwarding is safe because it is only made available for devices that need it. Furthermore, you are able to monitor enabled devices ensuring the network is safe from harmful attacks.
Use VPN
Virtual Private Network is a relatively new technology that is used to disable all port forwarding. It is a much more secure tool although a bit complicated to setup and configure. A VPN may require you to upgrade your modem or router to a better model.
Conclusion
In conclusion, it is clear that there are no benefits to turning on UPnP. If you can, avoid turning it on entirely for the safety of your home network and devices. There are too many risks involved which can compromise your privacy and data.
FAQs
-
What is the major problem associated with UPnP?
Lack of security and privacy. UPnP allows for any website, even harmful ones, to access your computer and home network. It poses a great threat to your network security
-
Is UPnP on by default in routers?
Yes. For most of the routers, UPnP is on and you have to turn it of manually