The idea of printing a document from your home when you’re halfway across the world once sounded impossible. Thanks to UPnP, you can now remotely control various devices that are connected to a local network. Is it safe despite the convenience it offers?
In this article, we’ll cover the following:
What is UPnP?
UPnP stands for Universal Plug and Play. It is a protocol used to allow devices to discover each other on the network. Without UPnP, it will be a hassle to set up a device on a network. Merely connecting a printer to the network does not work, as you’ll need to configure its network settings manually.
As we’re living in a more interconnected world, UPnP removes the need for the tedious setup process. With UPnP, devices are able to automatically acquire an IP address and establish a port to communicate with other devices on the network.
How to Enable UPnP on a Router
Modern routers provide support for this protocol. You can turn it on by accessing the configuration page of your router. The exact ways of doing so differ amongst various manufacturers.
Usually, the settings for Universal Plug and Play are located in the advanced setup section of the router. In some routers, UPnP is enabled by default. Before enabling UPnP on your router, you’ll need to know the vulnerabilities it introduces to the network despite the convenience of plug and play.
Is UPnP safe?
While UPnP offers the convenience of automatically setting up devices on a network, it is also a point of vulnerability. UPnP enables remote access to devices in your home network. That’s how you’re able to control IoT appliances from an app.
What really makes it dangerous is that the protocol assumes that every new device connected to the network is trustworthy. There are no safeguard measures, such as authentication, that ensures the device has permission to connect.
In other words, if you’re able to connect to the LAN-based devices via UPnP, so can hackers manipulating the characteristics of the protocol. By gaining access, hackers, through malicious software, can acquire the local IP address of the connected devices.
By having detailed information and free access to your network, hackers can commit various types of malicious acts. This includes malware injection, DDoS attacks, and stealing sensitive information from the devices.
In the late 2000s, Pinkslipbot, a new form of Trojan was discovered after infecting more than 500,000 banking machines. The Trojan exploits the vulnerability in UPnP by abusing the lack of authentication and injecting itself into the machines.
Another documented attack happened in 2008, in the form of a Flash applet file. When downloaded, the malicious file can open up a port from your browser and allow incoming connections to access your computer.
Considering the millions of records that have been stolen due to exploiting UPnP, you’ll want to take a serious look at if it’s worth compromising security for convenience.
Should You Disable It?
Internet security experts are well aware of the drawback of UPnP. There was an attempt to improve the protocol by adding a user authentication to it. Unfortunately, UPnP-UP was not supported by most devices. Therefore, the router would still grant access to the devices by default.
By design, UPnP isn’t the most secure protocol. If you’re concerned about the risk it poses to the devices in your home, you may want to consider disabling Universal Plug and Play on the router. By turning it off, attackers exploiting UPnP will be blocked.
However, turning off Universal Plug and Play means you’ll need to manually set up port forwarding for the printer, camera, or other devices on the local network. If you’re not familiar with the process, you’ll need to refer to the guideline provided by the router manufacturer.
Summary
To be fair, this protocol that delivers the convenience of simplifying the configuration of a network-connected device. Unfortunately, it has been exploited for malicious parties and has negatively affected some users.
There isn’t a definite solution to UPnP’s vulnerabilities. Like any internet threats, you ought to take proactive solutions, such as installing an anti-malware program and using a VPN for additional protection.