Turn off UPnP on your router/firewall now!

While this article is flawed in its technical understanding/description of UPnP, the consequences of using UPnP on your router/firewall are clearly outlined. Bluntly put, the consequences are severe. A business should NOT be running UPnP on its router/firewall and most homes should NOT be running UPnP either.
If you are not sure whether you are using UPnP on your router (unfortunately a lot of consumer routers enable it by default), check your router manual, or if you are in the Greater Toronto Area, contact us to assist.
Why is this an issue? A UPnP device asks your router/firewall to open ports on your internet connection to allow that device to receive communication from ANY device on the internet. For example, an IoT camera can ask the router to open port 30500. That way the IoT camera manufacturer can send messages directly to the camera whenever they want. (For something as innocuous as checking if the camera is online. If the camera is offline, the company can send an email/notification that something is wrong with the camera.)
The problem is that the IoT camera may have poor (or no) authentication and may lack proper security measures.
Attackers learn about devices that can be hijacked by scanning internet-connected devices to see if they respond to queries on ports opened by UPnP (port 30500 in our example). Those devices can then be used either to attack your internal network or as part of a botnet to attack other devices on the Internet.
UPnP is flawed because it allows ANY device connected to your internal network to open up internet ports without your consent or knowledge. As a best practice, UPnP should always be disabled. Is your Internet connection allowing UPnP? It is in your best interest to find out.
AWC Consulting is available to help if you need assistance.

