Router security - PNP

[thewolfe]

I read that I should disable plug and play. I'm looking at settings. Is this it?

[Krom]

UPnP is just a system for automatic port forwarding in the event an application needs a listening port for something (like online games/im clients/vnc/P2P/etc). Disabling it won't really do anything for your security, but might make some features in various UPnP supporting applications stop working.

[thewolfe]

I'll have to get part of the transcript from the "security Now" program I was listening to and it's not up yet.

[thewolfe]

The info starts about half way down page 3 on this transcript. http://www.grc.com/sn/sn-315.pdf

[Krom]

If you follow through on the links and do your research you can see which devices are actually susceptible to a UPnP breach. You would be better served by updating the firmware on your device to a version that fixes the issue, or if the manufacturer has quit releasing security updates for it then you should buy a new router from someone that continues to support their products.

See the list of known buggy firmware devices here:
http://www.upnp-hacks.org/devices.html

[thewolfe]

Thanks Krom. I did see the router companies they were talking about but didn't know if there were other's.. Mine is not among them.

[Jeff250]

By the list's own admission, it is far from exhaustive.

[Krom]

Also keep in mind that the list is old, and almost every device in the list has already been patched.

[Foil]

I've personally disabled UPnP on my router, only because my WHS v1 tries to periodically check/update the port-forwarding via UPnP, but I'd rather handle it myself.