Rob Kraft's Software Development Blog

Software Development Insights

Don’t let Hackers Configure Your Router, Turn off UPnP

Posted by robkraft on October 23, 2011

Add this step to hardening your home and work networks against attacks from the Internet:

  • Turn your router’s UPnP off.

I previously thought that making sure all ports on the router were closed was sufficient to block attacks from the Internet, but it is not.  If your router supports UPnP, which most do now, you should disable this feature as recently reported by Daniel Garcia at H-Report.com:

http://www.h-online.com/security/news/item/UPnP-enabled-routers-allow-attacks-on-LANs-1329727.html

If you can disable UPnP on the WAN side of the router, do so.  If this isn’t possible, disable UPnP completely on the router.  UPnP is rarely needed by most users, but online gamers may benefit from UPnP to more easily connect to online gaming networks.

This article shows how to turn off UPnP in common Linksys routers:

http://www.informit.com/articles/article.aspx?p=461084

 

Advertisements

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

 
%d bloggers like this: