Tag Archives: router

Check UPnP port mapping on you router

Most modern SOHO routers (like my Asus) support UPnP IGDP  or NAT-PMP protocols to enable hosts on local network to open and map incomming (from WAN) port on router.  While these two are different protocols with different origins, they both serve same purpose, so often they are enabled by a single option in your router configuration ( like in my Asus – there is only one option ‘Enable UPnP’,  but in fact it enables both protocols).

This automatic incomming port port management is very convenient, however it can cause some security problems  in your local network.  Because normaly  neither UPnP nor NAT-PMP is authenticated, all local subnet is basically trusted, it means that any program can open incomming port, as it needs (including  malware programs).  More detailed description about potential UPnP issues is for instance here. Continue reading Check UPnP port mapping on you router