What is UPnP & Why is it Dangerous?

You could if you checked logs… otherwise it might be hit and miss… as some apps might fall back to less efficient alternatives if your router is unable to support UPnP.
But if you are worried by all means turn off.

1 Like

Both of you @Simon-in-Suffolk & @Adrian_P appear to know your onions here but opinions differ.
Weighing up both your very welcome knowledgeable advice (please don’t think I’m pitting you against each other).
I think it could be worth trying switching it off and see what happens.
If any application we use starts underperforming or misbehaves, then I wouldn’t want or feel confident in messing around with logs, I would just simply switch back on the UPnP and leave it alone.
If all the applications continue to work normally then no problem and I would have introduced an extra layer of internet security.
Or am I still missing something?

No I’m not worried, I’m just interested to understand these things, my enquiring mind

Do not meddle in the affairs of wizards for they are subtle and swift to anger …

J. R. R. Tolkien

3 Likes

Dread, I would say if you’re not comfortable setting up manual port forwarding then just leave it on. I turned it off on my router years ago and haven’t noticed any problems that I’ve needed to fix. I just haven’t had the motivation to go and turn it on again, but Simon’s point is well made. I know that apps like Skype try really hard to work if UPnP is not enabled and that might result in it being less efficient.

1 Like

Both yours and Simon’s points are well made and I thank you both.
The point I was making, is that you have had yours turned off for years and not experienced anything needing to be fixed. If I’ve understood correctly, I’m assuming you haven’t had to manually configure port forwarding during the time since disabling, I could do likewise and simply re-enable if anything wasn’t working as it should.

In any case, I’m probably not going to meddle, it’s arguably academic but interesting for me to understand this stuff.
Cheers

…now where have I put those new gramophone records…?

:+1:

This is all a lot of fuss about nothing!

Please just leave your default router settings alone and let your Naim equipment use upnp for streaming when it wants to.

I can pretty well guarantee that your bank account will not magically be emptied if you do that. I suspect your liking for this or that piece of rock and roll or folk or whatever is of no use to any crook.

I suggest just listen to the music and stop worrying, which ultimately is what SinS is saying, but more politely than me.

Best

David

4 Likes

I personally have never used upnp on a router. I am not letting devices choose what’s allowed in/out. Doesn’t take much work to configure a few ports on trusted devices.

3 Likes

David,
I initially started this thread simply to invite comments on the article that I stumbled across when searching “what is UPnP” as I’m very new to all this and understanding the Jargon and the technology.
It’s not about crooks having any use for the music I might listen to or the use of streamers per se. I was interested to hear views on whether there is any merit to the above article on whether UPnP enabled at the router increases the risk of internet threats, attacks, malware or whatever it’s called.
As someone who very recently was contacted by my card provider of suspicious activity which amounted to attempts to carry out multiple transactions for thousands of Australian dollars (I live in UK!). And with the very real and increasing threat from internet fraudsters exploiting Covid, I don’t believe it’s a “fuss” to be mindful of my internet security and privacy and of any measures that can help to improve such.
With respect it is not for you to tell me how to think, I am certainly not “worried”, I’m very relaxed and enjoying my music immensely thank you, as I said just interested.
Put it another way, I’m a cab driver, road safety is important, but I’m not “worried” about it or I would never get behind the wheel, but any potential measures to improve safety are of interest.

If YOU feel it’s a “fuss about nothing” then don’t read this discussion
Cheers
:+1:

Personally I always switch UPnP off at the router, I don’t want any application opening up ports on my router to the Internet. I’ve never had the need and previously used apps such as Skype without issue.

@Dreadatthecontrols …although you may not understand the technology you are asking the right questions to understand more, it’s a big area of expertise.

It’s all about balance at the end of the day, those who are paranoid about security will switch as much functionality off as possible (better still remove it from the system). Those that require total flexibility will switch everything on (generalization). To understand the risk of either requires an understanding of the technology and threats which is exactly what you are trying to do.

1 Like

Perhaps my OP would have been more appropriate for the Padded Cell

The key statement from the article is the following:

When the Pinkslipbot is taking over a consumer laptop, it checks to see if UPnP is enabled. If it is, the Pinkslipbot middle-malware issues a UPnP request to the router to open up a public port.

But how? Is there a router out there that can accept a UPnP command and open a public port?

Here is a list of routers tested with MiniUPnP

http://miniupnp.free.fr/devicelist.php

But just to be clear, all apps will open up ports to the internet via the router if they need to communicate with the internet.
The choice is whether you let your router open a suitable available port or UPnP or similar can open specific ports that are registered to specific applications. Either way a port is assigned and opened up to the internet.

So … just because you are not using UPnP to configure your router transit address and port mappings - it doesn’t mean that is not happening. If your app talks to the internet using a router with internal RFC1918 addressing (as is the case for 99%+ of broadband routers) there is an internet facing port opened up that maps to a specific internal IP address and port.

With internet access there are many potential vulnerabilities - and the best defence is to ensure your devices are patched and up to date - and PC/Mac security updates are current - and don’t fall for phishing emails, and follow recommended security practices as suggested by your OS for the machine it’s running on…

These days you shouldn’t assume your network won’t be compromised ever - the optimum safe approach is to protect your connected machines should that happen… ie the Zero Trust security posture.

There is much scaremongering and misinformation peddled to non-technically literate informed individuals.

Agreed although the difference being those ports opened dynamically for apps like web browsing versus those statically configured for unsolicited inbound communications from the Internet, that’s where there’s increased risk.

Agree the risk and vulnerability is expressed differently - but still exists for both… see my post above on Zero Trust. The inbound communication is to a specific port and address on your internal network remember - so the device should be maintained and protected as discussed above if you want to prevent malware and other vulnerabilities from this and other methods. The Windows Defender firewall, incorporated into the Windows OS, is a good tool in this regard.

Hi Simon
Just saw a good review of the AE1As that you may find interesting:


(Sorry this is off topic.)
Jim

That’s good to know. I used to use McAfee and another well known anti virus set up. But I read, I think from Which? that the best, and it’s free, is the security set up including Windows Defender that comes with Windows 10. I don’t recall having any issues since not using those premium priced subscription anti virus packages.

Maybe I was not clear, I was saying about a setup where a router can accept a UPnP command from the internet and open a TCP or UPnP port based on the instructions from that UPnP packet. As far as I know, there is no such router.

Sorry misunderstood, no I’m not aware of anything that can do that from the Internet side. I would imagine the UPnP solution (if enabled) is only available on the internal network side of the router (or I would hope so!)

Only skimmed the article but I guess what he is saying is that once your machine/PC is infected with Pinkslipbot malware it can issue UPnP commands on your internal network to see if your router has UPnP enabled…if it does it can then configure a port on your router to be open for BOT communications from the Internet.
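
Added example, not part of any post in this thread: since a mapping requested by malware on the LAN looks the same to the router as one requested by a legitimate app, one practical check is to list the router's current UPnP port mappings and compare them with what you expect. The Python below parses responses to the UPnP IGD `GetGenericPortMappingEntry` action and reports mappings that are not on an allow-list; the sample responses, addresses and the `EXPECTED` allow-list are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample responses to WANIPConnection:1 GetGenericPortMappingEntry
# (a router returns one such response per mapping index).
def _resp(ext, proto, int_port, client, desc, lease):
    return (
        '<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"><s:Body>'
        '<u:GetGenericPortMappingEntryResponse '
        'xmlns:u="urn:schemas-upnp-org:service:WANIPConnection:1">'
        f'<NewRemoteHost></NewRemoteHost><NewExternalPort>{ext}</NewExternalPort>'
        f'<NewProtocol>{proto}</NewProtocol><NewInternalPort>{int_port}</NewInternalPort>'
        f'<NewInternalClient>{client}</NewInternalClient><NewEnabled>1</NewEnabled>'
        f'<NewPortMappingDescription>{desc}</NewPortMappingDescription>'
        f'<NewLeaseDuration>{lease}</NewLeaseDuration>'
        '</u:GetGenericPortMappingEntryResponse></s:Body></s:Envelope>'
    )

SAMPLE_RESPONSES = [
    _resp(51413, "TCP", 51413, "192.168.1.20", "Torrent client", 3600),
    _resp(8443, "TCP", 443, "192.168.1.35", "", 0),
]

# Hypothetical allow-list: (protocol, external port, internal client) you expect.
EXPECTED = {("TCP", 51413, "192.168.1.20")}

def parse_mapping(soap_xml):
    """Extract the New* arguments from one response, ignoring XML namespaces."""
    fields = {}
    for el in ET.fromstring(soap_xml).iter():
        tag = el.tag.rsplit("}", 1)[-1]
        if tag.startswith("New"):
            fields[tag[3:]] = (el.text or "").strip()
    return {
        "protocol": fields["Protocol"].upper(),
        "external_port": int(fields["ExternalPort"]),
        "internal_client": fields["InternalClient"],
        "internal_port": int(fields["InternalPort"]),
        "description": fields["PortMappingDescription"],
        "lease_seconds": int(fields["LeaseDuration"]),
        "enabled": fields["Enabled"] == "1",
    }

def audit(responses, expected):
    """Return enabled mappings that are not on the allow-list."""
    findings = []
    for m in map(parse_mapping, responses):
        key = (m["protocol"], m["external_port"], m["internal_client"])
        if m["enabled"] and key not in expected:
            m["permanent"] = m["lease_seconds"] == 0  # lease 0: mapping never expires
            findings.append(m)
    return findings
```

Calling `audit(SAMPLE_RESPONSES, EXPECTED)` returns only the second constructed mapping, which forwards an external port to a device that is not on the allow-list and has no expiry.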