Test if Your Router’s UPnP is Exposed to the Internet

Here’s a potential network security threat that many may have overlooked …

Universal Plug and Play (UPnP) is a technology that enables devices to discover and connect to each other without authentication. Instead of having to be configured manually, devices like printers, game consoles, the fridge or fax machines use UPnP to do so automatically, so that they can offer their functionality on the network and use functionality the network provides, e.g. Internet access.

An issue came to light recently: many routers expose UPnP to the Internet as well, which in turn gives hackers and malicious users a way to exploit this security issue and attack underlying systems through UPnP. This is a big problem because UPnP was designed to provide its functionality only on local area networks, not on public networks.

You can watch the Security Now 389 show which talks about the UPnP issue in detail below if you are interested to find out more about the issue.

In the article linked above I have mentioned a tool that you can use to scan your router to see if it is exposing UPnP to the Internet. Shields UP over at GRC has that functionality now as well. The core benefit here is that it does not require Java which the other tool did.

So, head over to the website right now and click the Proceed button. On the second page, click GRC’s Instant UPnP Exposure Test button to check whether your router exposes UPnP or not.


So what is happening when you hit that button?

This Internet probe sends up to ten (10) UPnP Simple Service Discovery Protocol (SSDP) M-SEARCH UDP packets, one every half-second, to our visitor’s current IPv4 address in an attempt to solicit a response from any publicly exposed and listening UPnP SSDP service

It should not take longer than a second for the results to be displayed. If you receive the message that “the equipment at the target IP address actively rejected [the] UPnP probes” then you know that UPnP is not exposed to the Internet by your router.
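The probe described above, sketched in Python for checking your own WAN address from a host outside your network. This is an added example, not GRC's code: the function names, the three result labels and the constructed sample reply are assumptions, and treating an ICMP port-unreachable error as "rejected" is one way a prober can tell rejection from silence.

```python
import socket

SSDP_PORT = 1900  # standard SSDP UDP port
# Constructed sample reply (not captured from a real device), for offline parsing.
SAMPLE_REPLY = (b"HTTP/1.1 200 OK\r\nCACHE-CONTROL: max-age=120\r\nST: upnp:rootdevice\r\n"
                b"Server: ExampleOS/1.0 UPnP/1.0 ExampleRouter/1.0\r\n"
                b"LOCATION: http://192.0.2.1:5000/rootDesc.xml\r\n\r\n")

def build_msearch(host="239.255.255.250", st="upnp:rootdevice", mx=2):
    """Build an SSDP M-SEARCH discovery request."""
    lines = ["M-SEARCH * HTTP/1.1", f"HOST: {host}:{SSDP_PORT}",
             'MAN: "ssdp:discover"', f"MX: {mx}", f"ST: {st}", "", ""]
    return "\r\n".join(lines).encode("ascii")

def parse_ssdp_response(data):
    """Return the reply headers as a dict, or None if it is not an HTTP 200 reply."""
    text = data.decode("utf-8", errors="replace")
    lines = text.partition("\r\n\r\n")[0].split("\r\n")
    status = lines[0].split()
    if len(status) < 2 or not status[0].startswith("HTTP/1.") or status[1] != "200":
        return None
    headers = {}
    for line in lines[1:]:
        name, sep, value = line.partition(":")  # split on the first colon only
        if sep:
            headers[name.strip().upper()] = value.strip()
    return headers

def probe(wan_ip, attempts=10, interval=0.5):
    """Send up to `attempts` probes, one per `interval` seconds, to your own WAN IP.
    Returns ('exposed', headers), ('rejected', None) or ('silent', None)."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.connect((wan_ip, SSDP_PORT))  # connected UDP reports ICMP unreachable as an error
        s.settimeout(interval)          # the receive timeout doubles as the probe spacing
        for _ in range(attempts):
            try:
                s.send(build_msearch(host=wan_ip))
                headers = parse_ssdp_response(s.recv(4096))
                if headers is not None:
                    return "exposed", headers   # a UPnP service answered from the Internet side
            except (ConnectionRefusedError, ConnectionResetError):
                return "rejected", None         # port actively closed
            except socket.timeout:
                continue                        # no answer yet, send the next probe
    return "silent", None                       # probes dropped without any reply
```

An "exposed" result includes the `SERVER` and `LOCATION` headers, which identify the UPnP stack to look up when checking for a firmware update.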

If you receive a message that the information is exposed, you need to react immediately. You can check the router manufacturer’s homepage to see if there is a firmware update available that resolves the issue, disable UPnP, or go out and shop for a new router that does not expose UPnP to the Internet.
