uPnP Explained

Let’s talk about uPnP.

What is uPnP?

Universal Plug and Play (UPnP) is a set of networking protocols that permits networked devices, such as personal computers, printers, Internet gateways, Wi-Fi access points and mobile devices to seamlessly discover each other’s presence on the network and establish functional network services for data sharing, communications, and entertainment. UPnP is intended primarily for residential networks without enterprise-class devices. (wikipedia.org)

Is uPnP suitable for a business deployment?

UPnP is generally regarded as unsuitable for deployment in business settings for reasons of economy, complexity, and consistency: the multicast foundation makes it chatty, consuming too many network resources on networks with a large population of devices; the simplified access controls don’t map well to complex environments; and it does not provide a uniform configuration syntax such as the CLI environments of Cisco IOS or JUNOS.

New hacks on uPnP

Imagine sitting watching TV and your TV suddenly switches and starts playing something random, that you weren’t expecting. As of 2019-01-03, A new hacking campaign is underway that is targeting Chromecast adapters, Smart TVs, and Google Home in order to play a YouTube video promoting PewDiePie’s channel.

Preventing Chromecast Attacks

The reason these attacks work at all is because the Chromecast devices are utilizing Universal Plug and Play (UPnP) to cause your Internet router to forward public Internet ports to the internal private Chromecast devices.

UPNP is used by local devices and your routers to make it easier for internal private network devices, like TVs, printers, and Chromecast devices, to be usable by remote devices. The problem is that it also exposes them to the Internet, which means attacks like the one described above can occur.

Check if your router is accepting uPnP

Go to grc.com and select “Proceed”, then click orange button “GRC’s Instant uPnP Exposure Test”

How to disable uPnP on your router?

  • D-Link: Advanced > Advanced Network > uPnP
  • Google Wifi: Google Wifi App > Network and General > Under “Network” tap Advanced Networking > uPnP
  • Linksys: Administration > uPnP
  • Netgear: Advanced > Advanced Setup > UPnP
  • Tp-Link: Advanced > NAT Forwarding > uPnP
  • Ubiquiti’s Unifi: Settings > Services > uPnP