What is UPnP & Why is it Dangerous?

Hi all, I’m new to streaming and a complete dullard when it comes to understanding the technology and jargon. I searched internet to find out what “UPnP” means and came across this. I dont know anything about the site or author, but am concerned about being hacked as someone recently attempted to hack my credit card, fortunately my card issuer spotted the suspicious transactions and took action. There is reportedly an increase in on line fraud attempts currently as virtual criminals are exploiting lockdown situations.
I will be interested in the comments of the streaming community

Have a read through this thread where the subject was discussed in detail:

1 Like

Thanks Adrian, that’s interesting and helpful.
So, if I’ve understood it correctly, introducing an UPnP streamer to my system and router shouldn’t in itself pose a security risk.

This comment from Simon…

I have Virgin media router, how would I disable UPnP at the router or know whether or not its disabled?
How do I a check for UPnP updates applied by my router as suggested by @Simon-in-Suffolk
In very lay terms if you could please, would be appreciated.
Thanks

I’m not familiar with Virgin Media broadband or their routers but I imagine they automatically manage and update firmware on their routers. You might be able to find details on what VM are changing in their firmware releases on their web site.

To disable UPnP on a VM router a bit of searching reveals you need to log into the router and go to the Advanced Settings page. You should see an entry for UPnP there.

Thanks for your help Adrian, as I said I’m pretty much a total dullard when it comes to IT, Digital stuff. Talk to me about cartridges, phono stages, vta, vtf etc and you speak my language…
So, apologies, but I’m bound to ask, how do I log in to my router?

I think its a fairly up to date model, if it helps it looks like this one

Go into your browser and in the search bar type 192.168.0.1

This is the home address for your router. It will take you to a page that asks for your password. It is on the bottom of your router. NOT the Wi-Fi password, but the Settings Password. Enter this and hit the next button. Then as @Adrian_P says, go to advanced settings, then click upnp, and you will see enabled/disabled. It should be enabled and as @jmtennapel says, leave it that way.

1 Like

Nice one @Graeme thanks and @jmtennapel thank you as well, I’m not planning on fiddling with it but interested in learning and understanding how to check things out if need be
:+1:

If you believe that is necessary in order to enable UPnP streaming from a UPnP server on your home network, then no, that is not the case. A local UPnP streamer will work regardless of the UPnP setting on your router. Enabling this setting opens your router to UPnP access from the Internet, and it is having this setting enabled that some malware is known to exploit.

1 Like

Now you’ve got me guys!
It seems some are saying leave it enabled, others say disable.
Ok, I understand the approach recommending to disable UPnP as a precaution against potential threats from the internet. Assuming it wont affect negatively anything else connected to the WiFi, which would be mobile phones, internet explorer or chrome on laptops and amazon fire sticks, then that approach seems to make sense.
My better half works from home as a travel consultant and internet security is important as she processes customer card payments, data etc. Obviously we have the required anti virus etc software installed and kept updated.
What I havent understood is what would be the benefit or purpose of leaving UPnP enabled? (At the router)

I should maybe have said “It is set as enabled by default”. I looked at my own to make sure I was giving the correct navigation instructions, and it was set to enabled, having never been touched by me.

That having it enabled opens it to attack is worrying, and I will look into it. I should add that I am possibly almost one step ahead of Dread, and in no way an expert in these matters.

@Dreadatthecontrols, my navigation advice is correct. Others are no doubt better placed o advise as to what settings you should use, when and why. Sorry if I caused any confusion.

1 Like

It is rather confusing, Graeme.

Much of the advice on the Internet relating to the security risk of having UPnP enabled is based on malware exploits from some time ago that have in most cases been fixed by the router manufacturers. I would hope that is the case with the VM routers.

The advantage of having it enabled is it allows software on the Internet to automatically have the router manage so-called “port forwarding” – the forwarding of communication ports – from your router to specific machines on your local network that are not (or should not be) visible to the Internet. Some software (which you may or may not be using) relies on this in order to work properly. Disabling the setting would prevent that auto-configuration from happening. If that is the case you can manage the port-forwarding manually in the router settings but you need to know what you are doing there.

If you are ultra-paranoid you can disable it, at the risk of possibly breaking some programs that rely on it. Even if you do so, your local UPnP streaming will not be affected and will still work. Otherwise you can leave it enabled to ensure other things don’t break, and trust in Virgin Media to have fixed the security loopholes.

2 Likes

@Graeme
No apology due or needed. Your instruction is invaluable and very helpful to a digital numpty like me. I wouldnt have had a clue how to access my router without your help.
The question that seems to divide opinion is the question of whether or not to disable UPnP. I understand the reasoning to disable but, and I hope I dont offend anyone, I’m not sure anyone has explained in simple lay terms why not.

If it is a simple matter of switching UPnP off or on in the settings. If anything else, other than the streamer, connected to the WiFi/Router is affected and needs manually configuring, would it not be possible to switch on the UPnP at the router just long enough for it to auto configure then once done switch it back off?

Nice idea, Dread, but it doesn’t really work like that. It’s a much more dynamic auto-configuration process that runs when you use certain types of software.

Turning off the UPnP feature can affect programs like Skype, Facetime, peer-to-peer file sharing and Internet gaming. However, I personally disabled it a long time ago and haven’t had any issues with things we use regularly like Skype, Netflix, Amazon Prime, and, especially more recently, Zoom and Microsoft Teams.

1 Like

Hi the updates I refer to are not firmware updates, but configuration updates from devices using UPnP to configure the router firewall and NAT/PAT settings. I would expect you would see a list of ports and ip addresses opened and mapped via UPnP on a report screen. I am not familiar with the Virgin routers, but the BT SmartHub2 has a page that shows such updates… which you can manually close/clear if you wish.

1 Like

We dont use Skype, Facetime or internet gaming.
My better half does do video conferencing but I dont know what system. So all we have is internet browsing, mobile phones and a couple of amazon fire sticks.
If it’s a simple matter of switching UPnP off as @Graeme has kindly explained, I guess theres no harm in switching it off if it isn’t already and see how it goes.

If you switch it off, you will need to manually configure your router port mapping/forwarding for any application that uses it.
Basic web based applications are unlikely to need this, but other applications may well need, or fall back to a less efficient method if they get an error from the router whilst trying to configure the mappings.
I really would leave on, unless you like being a system administrator :grinning:

2 Likes

Thanks Simon, I havent a clue what NAT and PATs are but I think I get the rough gist of what your explaining.

The term means setting up specific IP address and port address translations. In short it allows external communication between the internet and a device on your home LAN as needed for a specific application.

1 Like

Thanks again Simon, if I were to switch it off and subsequently find issues with anything using it, couldnt I just switch it back on? Trial and error

1 Like