Technology in the computer age has always found itself vulnerable to the attacks of the most capable and baddest hackers, people who with great computer skills are able to penetrate the systems of others to do what they want. For several years, one of the main network protocols, Universal Plug and Play (UPnP) has been reported for its vulnerability and all cyber security experts have agreed to disable it on network infrastructures . In technical terms, UPnP is a network protocol (or rather, a set of network protocols) that makes all devices talk to each other.
It is most frequently used by devices to discover other devices on a network and is enabled by default on all routers and on Windows PCs.
Thanks to UPnP you can connect a printer to the network and have it automatically recognized by the computer that has to use it.
In the past and without UPnP it would be necessary to search for it manually and set it so that other devices on the network can find it.
Once connected, the devices on the network can continue to communicate with each other by sending and receiving data.
Hence the term "plug and play": the device connects and immediately becomes usable without having to make manual configurations.
It is one of the most convenient network technologies today, very widespread in home networks, which however presents a serious security hazard.
UPnP went on trial more than 10 years ago when American authorities recommended disabling UPnP settings to minimize the risk of damage. This is happening again, although the problem is different this time.
There are two main flaws that have recently come to light on this communication technology:
- Programming errors;
- outdoor exposure.
The purpose of UPnP is to make devices on a network easily detectable by other devices on the same network.
Unfortunately, some UPnP control interfaces can be exposed on the public Internet, allowing malicious users to find them and access the private devices of a home.
According to a recent study, UPnP problems have made around 40 million devices vulnerable worldwide to hacker infiltration.
However, these security holes mainly affect old computers and old devices, although it cannot be ruled out that you are using a router vulnerable to external attacks.
So to get to the key point of this article, you can know for sure if your router has security problems with the UPnP protocol through a tool developed by the security company Rapid7 that most worried about this problem.
First you can do an online scan to see if the UPnP protocol is exposed on the internet (which in itself does not identify a problem).
Then a scan with the Scannow UPnP tool to check for UPnP security problems on the network infrastructure .
In the event of problems, it is certainly advisable to completely disable UPnP on the router, by accessing its settings (see guide to configure a wifi router or search the internet for the settings for the model used).
As for security holes, this of UPnP is also one of the easiest to deal with; without installing special patches or programs, just deactivate it since for the vast majority of users this service will be superfluous.
