HQ NETWORKXbox One | Xbox | InstallerDeluxe.Com 1,027 HQ Network UsersHQ Network: 1,027 | Members OnlineGuests: 622 |Guests OnlineMembers: 0

Xbox 360 Forums
Get involved in our Xbox 360 forum discussions..
360-HQ.COM :: Warning: Turn Off UPnP - Avoid Security Vulnerabilities
Warning: Turn Off UPnP - Avoid Security Vulnerabilities
360-HQ.COM Forum Index -> Xbox 360 LIVE Discussions
Post new topic Reply to topic    
 Warning: Turn Off UPnP - Avoid Security Vulnerabilities View previous topic :: View next topic  
 
 
 
 
forahobby
Administrator
Administrator




Joined: May 22, 2003
Posts: 23681
Location: NSW, Australia
XP: 1,727,782

Post Posted: Mon May 27, 2013 5:30 am   
Post subject: Warning: Turn Off UPnP - Avoid Security Vulnerabilities
Reply with quote
 
I have been securing my network at home, and just realized after a recent firmware update that I did a few weeks back has set UPnP to on (on by default), on my NetGear router. I have been having loads of issues the past few weeks with my connection at home, and now it seems to all be related to UPnP. I always port forward rather than use the vulnerable UPnP option in the router, but after the firmware update it reverted to default, today i checked through my settings and turned it off again. While i was having problems i decided to read up on the latest about uPnP. I remember something about the FBI back in early 2000-2001 or something. This is what i found.

TURN OFF UPNP guys, forward your ports manually.

If you turn ON UPnP, there is no need to forward ports on your router, but there are many vulnerabilities. Learn more in the article from forbes i have attached below.

Disable This Buggy Feature On Your Router Now To Avoid A Serious Set Of Security Vulnerabilities
1/29/2013 @ 3:42PM
Quote:

You’ve probably never checked whether your Internet router is set by default to use a harmless-sounding protocol called Universal Plug and Play. If it does, now’s a good time to turn it off.

The protocol, abbreviated UPnP, lets computers, printers, and other devices make themselves easily discoverable to a network router. But new research by the security firm Rapid7 shows that it could also let hackers easily discover and exploit those routers, too. And the problem is “universal,” indeed: A wide-ranging scan of the Internet show that it affects as many as 50 million unique devices.

On Tuesday security researcher Rapid7 released an advisory warning that UPnP allows the remote discovery of between 40 and 50 million UPnP routers, printers, servers and other machines. The company says that software bugs it found in three different implementations of the protocol affect 1,500 vendors and 6,900 different products, including some versions of routers sold by every major vendor, including Cisco’s Linksys division, Belkin, D-Link and Netgear. And while some of those bugs would merely allow affected devices to be temporarily disabled, at least 23 million of the devices are susceptible to full takeover by hackers, potentially becoming a jumping-off point for an attack on the victim’s network behind any firewall.


Source: http://www.forbes.com/sites/andygreenberg/2013/01/29/disable-a-protocol-called-upnp-on-your-router-now-to-avoid-a-serious-set-of-security-bugs/

_________________________________________________________
HQ Network:
www.xbox-hq.com | www.xboxone-hq.com | www.360-hq.com | www.c64-hq.com


View user's profile Send private message Send e-mail Visit poster's website
 
 
 
 
halofan102
Moderator
Moderator




Joined: Jan 17, 2013
Posts: 451
Location: Murica
XP: 18,192

Post Posted: Mon May 27, 2013 5:35 am   
Post subject:
Reply with quote
 
Yeah I've always had trouble setting that stuff up on my Actiontec Q1000 router myself. That stuff has always been a headache for me.

UnPnP is enabled on my router.


But when I try to play halo 2 on my original xbox with kai I can't see the other players.

When I shared internet by ethernet cable to my xbox and set up a separate TCP and UDP port forwarding rules with my router settings online, then I could play on kai better.


View user's profile Send private message Visit poster's website
 
 
 
 
forahobby
Administrator
Administrator




Joined: May 22, 2003
Posts: 23681
Location: NSW, Australia
XP: 1,727,782

Post Posted: Mon May 27, 2013 6:06 am   
Post subject:
Reply with quote
 
halofan102 wrote:

UnPnP is enabled on my router.


But when I try to play halo 2 on my original xbox with kai I can't see the other players.

When I shared internet by ethernet cable to my xbox and set up a separate TCP and UDP port forwarding rules with my router settings online, then I could play on kai better.


Yeh, with UPnp turned off you need to set your xbox with a static ip and port forward everything manually. When you manually open your ports and turn off Upnp it makes it a little fast if you ask me, since the ports are already opened and no request is sent to open the port via uPnP.

_________________________________________________________
HQ Network:
www.xbox-hq.com | www.xboxone-hq.com | www.360-hq.com | www.c64-hq.com


View user's profile Send private message Send e-mail Visit poster's website
 
 
 
 
seriouslycgi1
360-HQ Elite Member
360-HQ Elite Member




Joined: Jul 28, 2012
Posts: 363
Location: New Zealand
XP: 46,402

Post Posted: Mon May 27, 2013 12:12 pm   
Post subject:
Reply with quote
 
yeah upnp,

dlna caught me out with 360, it was listing the contents of the media server cos i forgot to turn it off, i kept saying but i didnt give you access to my smb shares yet how the fudge you got access to them, then it clicked. still wouldnt play anything though even after downloading codecs, but im paranoid i guess.


View user's profile Send private message
 
 
 
 
Amiga1200
V.I.P. Lifetime




Joined: Jun 19, 2012
Posts: 461

XP: 17,252

Post Posted: Mon May 27, 2013 1:16 pm   
Post subject:
Reply with quote
 
^^ unluckily, i'm on some useless POS netgear as well but my "upnp" settings was disabled by default, only really any good for media streams anyway!
(samba share takes up the slack)
..........
god i miss my old belkin ADSL job, had WAY better NW wireless or otherwise across the board!
(i maybe coming back into another oldie 54g effort with it's usb wifi counterpart, then i'll have two usb wifi cards, both belkin! slow but reliable! not like this virgin media sponsored POS, at least with belkin i can wifi to ANY compatible device that's cfg'd for a pair up..) Very Happy

_________________________________________________________
to all my friends... farewell and all the best to future prosperity... and remember, be excellent to each other! Wink


View user's profile Send private message
 
 
 
 
seriouslycgi1
360-HQ Elite Member
360-HQ Elite Member




Joined: Jul 28, 2012
Posts: 363
Location: New Zealand
XP: 46,402

Post Posted: Mon May 27, 2013 11:30 pm   
Post subject:
Reply with quote
 
i miss my smoothwall, i have total control over EVERYTHING with that now i dont care so much there is already too much to do with all the devices different technologies etc its crazy.


View user's profile Send private message
 
 
 
 
forahobby
Administrator
Administrator




Joined: May 22, 2003
Posts: 23681
Location: NSW, Australia
XP: 1,727,782

Post Posted: Wed May 29, 2013 3:35 am   
Post subject:
Reply with quote
 
if you guys want to know something funny, i reconfigured my router back to the way it always used to be, but something weird is happening for me when playing games on Xbox LIVE. ok, i have done speedtest.net and everything is coming up good. My ping is pretty low 10ms, and my upload and download is steady. It's just when i join for example a game of black ops 2, it always forces me as host within a few minutes. After I'm host I can run around the map and hardly anyone can see me.. its so funny. I wish i was recording it. Like 3 guys running around me or should i say where i was.

I always got host in lobbies before but never had this issue. Its only since the latest firmware update i got for my NETGEAR router. strange. anyway, just thought id share.

_________________________________________________________
HQ Network:
www.xbox-hq.com | www.xboxone-hq.com | www.360-hq.com | www.c64-hq.com


View user's profile Send private message Send e-mail Visit poster's website
 
 
 
 
X_Splinter
Moderator
Moderator




Joined: Jul 03, 2004
Posts: 2385
Location: Portugal
XP: 368,740

Post Posted: Wed May 29, 2013 2:45 pm   
Post subject:
Reply with quote
 
Interesting... I am gonna leave it on on my house but I'll probably disable it on my office.

Another tip guys, disable WPS... It's so easy to get a wifi password by cracking WPS

_________________________________________________________


View user's profile Send private message Send e-mail Visit poster's website
 
Display posts from previous:   
  Post new topic  
 
  Reply to topic  
|
 All times are GMT | Page 1 of 1
Jump to:  
 

You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
You cannot attach files in this forum
You can download files in this forum
 

 Members Online (0) / Guests Online (622)
Members Browsing


Legend
Administrator  Moderator  VIP Member  Registered User  Banned Users