Home News Forum Articles
  Welcome back Join CF
You are here You are here: Home | Forum | UPnP or not UPnP? That is the question

You are currently viewing our boards as a guest which gives you limited access to view most of the discussions, articles and other free features. By joining our Virgin Media community you will have full access to all discussions, be able to view and post threads, communicate privately with other members (PM), respond to polls, upload your own images/photos, and access many other special features. Registration is fast, simple and absolutely free so please join our community today.


Welcome to Cable Forum
Go Back   Cable Forum > Computers & IT > Networking

UPnP or not UPnP? That is the question
Reply
 
Thread Tools
Old 21-08-2020, 15:47   #1
roughbeast
cf.mega poster
 
roughbeast's Avatar
 
Join Date: Jul 2008
Location: Coventry
Services: Vodafone/City Fibre Gigafast 900
Posts: 1,781
roughbeast has reached the bronze age
roughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze age
UPnP or not UPnP? That is the question

Good afternoon.

I have a GT AX11000, which I bought for its WAN to LAN throughput to support my 1Gb VM connection, its outstanding wifi performance and for its general general power as a media server. The fact that it is touted as a gamer's server was also a factor, given that my twin 19-year olds both have serious gaming PCs and a good range of games.

With a 1Gb connection the adaptive QoS facility is pretty well useless and, to be honest, WTF (What the Fast) is a waste of subscription fee. The router does feature a nifty method of applying NAT rules from a fairly comprehensive list of games. However, I have come to understand that port forwarding is a pointless if one has UPnP enabled, because that facility allows games and devices to port-forward automatically and seamlessly anyway. Tell me now if I have been misled.

Reading the literature also tells me that UPnP is a security risk because it allows hackers to emulate a legitimate access request and thereby access all my UPnP devices! e.g the webcam I have pointed at my conjugal bed.

However, it hasn't escaped my attention that experts who tell me to switch off UPnP also tend to be selling an advice service or VPN. It is also clear that if I switch of UPnP I have all sorts of IP devices in the house, ranging from printers, to smart plugs, to led hubs and phones that might need manual port forwarding within LAN or to WAN ,if I were to disable UPnP. My router only has capacity, apparently, for 30 open NAT rules. Just counting up the twins PC games, that is 20 used up already if I go down the 'disable UPnP' route.

So, my questions are: 1) Is UPnP really such a security risk? 2) Is port forwarding pointless if UPnP is enabled? 3) Does life as we know it end if we disable UPnP?
__________________
Join Date: Jul 2008
Location: Coventry
Services: FACTCO/CityFibre 1GB FTTP; Asus GT-AX11000 +3 iMesh nodes; Humax 2Tb TV boxes x2; Synology DS920+ used as Plex server
roughbeast is offline   Reply With Quote
Advertisement
Old 24-08-2020, 13:05   #2
roughbeast
cf.mega poster
 
roughbeast's Avatar
 
Join Date: Jul 2008
Location: Coventry
Services: Vodafone/City Fibre Gigafast 900
Posts: 1,781
roughbeast has reached the bronze age
roughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze age
Re: UPnP or not UPnP? That is the question

I guess, from the lack of response, that I have asked a stupid question or a question that is too hard to answer.
__________________
Join Date: Jul 2008
Location: Coventry
Services: FACTCO/CityFibre 1GB FTTP; Asus GT-AX11000 +3 iMesh nodes; Humax 2Tb TV boxes x2; Synology DS920+ used as Plex server
roughbeast is offline   Reply With Quote
Old 24-08-2020, 14:16   #3
joglynne
Born again teenager.
 
joglynne's Avatar
 
Join Date: Feb 2007
Location: Manchester. (VM area 20)
Age: 75
Services: Maxit TV, M250 Fibre BB. Phone-Anytime Chatter
Posts: 13,693
joglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aura
joglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aurajoglynne has a golden aura
Re: UPnP or not UPnP? That is the question

Oh roughbeast I would so love to give you an answer, if only I could understand the question. <<Jo slopes off back to her non-techie corner>>

Hopefully someone will come and discuss your options and I shall read what you both say and then not understand a word either of you say.
__________________
"I intend to live forever, or die trying" - Groucho Marx..... "but whilst I do I shall do so disgracefully." Jo Glynne
joglynne is offline   Reply With Quote
Old 25-08-2020, 11:50   #4
tweetiepooh
Virgin Media Employee
 
tweetiepooh's Avatar
 
Join Date: Sep 2005
Location: Winchester
Services: Staff MyRates BB: VM XXL TV: VM XL Phone : VM XL
Posts: 3,107
tweetiepooh has a bronzed appealtweetiepooh has a bronzed appeal
tweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appealtweetiepooh has a bronzed appeal
Re: UPnP or not UPnP? That is the question

I thought that features of UPnP is that the process on the inside can open a port on firewalls to allow traffic to that process. This makes things nice and easy for users as they don't need to understand about ports/firewalls etc, things just work.
On the downside, just because a device asks for a port to open, do you really want it to? Your CB Webcam could be a case in point. You may be OK for it to connect to your home recorder but if it can use UPnP and it's turned on at the router ...

Things are a bit more complex than this but I don't turn on UPnP on the router. If I have a service I want exposed I can do that manually.
__________________
I work for VMO2 but reply here in my own right. Any help or advice is made on a best-effort basis. No comments construe any obligation on VMO2 or its employees.
tweetiepooh is offline   Reply With Quote
Old 25-08-2020, 20:05   #5
roughbeast
cf.mega poster
 
roughbeast's Avatar
 
Join Date: Jul 2008
Location: Coventry
Services: Vodafone/City Fibre Gigafast 900
Posts: 1,781
roughbeast has reached the bronze age
roughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze ageroughbeast has reached the bronze age
Re: UPnP or not UPnP? That is the question

Quote:
Originally Posted by tweetiepooh View Post
I thought that features of UPnP is that the process on the inside can open a port on firewalls to allow traffic to that process. This makes things nice and easy for users as they don't need to understand about ports/firewalls etc, things just work.
On the downside, just because a device asks for a port to open, do you really want it to? Your CB Webcam could be a case in point. You may be OK for it to connect to your home recorder but if it can use UPnP and it's turned on at the router ...

Things are a bit more complex than this but I don't turn on UPnP on the router. If I have a service I want exposed I can do that manually.
I'm preparing to turn off UPnP by port-forwarding everything that I can think of that might need it, e.g. the teen's games. I guess it will have to be trial and error for everything else.
__________________
Join Date: Jul 2008
Location: Coventry
Services: FACTCO/CityFibre 1GB FTTP; Asus GT-AX11000 +3 iMesh nodes; Humax 2Tb TV boxes x2; Synology DS920+ used as Plex server
roughbeast is offline   Reply With Quote
Reply


Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT +1. The time now is 16:52.


Server: osmium.zmnt.uk
Powered by vBulletin® Version 3.8.11
Copyright ©2000 - 2024, vBulletin Solutions Inc.