04-11-2018 10:28 AM
I was reading a piece in Wired recently about security and the Internet of Things, and the discussion included router vulnerabilities and how the UPnP settings on one’s router leave the it vulnerable to attack.
That led me on a hunt through my files and I discovered this tidbit I saved back in 2014.
Paste this URL into the Address line of your browser once you have accessed the Actiontec settings and it will open up a hidden page where you can disable the IGMP Proxy.
I found an Actiontec video on YouTube discussing setting up UPnP for devices like the Xbox. The video mentioned this hidden page on the router.
When I input the first URL, I found that the IGMP Proxy was enabled; something which may have happened when Verizon updated the router firmware. I am tempted to disable it again.
When I went to the second URL, UPnP, I found the box checked for <Allow other network users to control wireless broadband router’s network features>
And ditto for the box checked for <enable automatic cleanup of old unused UPnP services>
Before I do something I will regret, I’d sure appreciate some advice from some of the sage old hands here.
Solved! Go to Solution.
04-11-2018 03:22 PM
UPnP should always be disabled unless you have a specific need for it, such as having multiple game consoles in the house.
IGMP proxying should be left enabled unless it causes problems. This allows the router to convert Multicast traffic into Unicast traffic, allowing for the network especially wireless devices, to work more efficiently.
12-03-2018 10:07 AM
Not sure if these are still applicable but this shows several forms of upnp that aren't able to be disabled
While testing improvements to the Nessus UPnP implementation we found an information disclosure vulnerability in Verizon's Fios Quantum Gateway G1100. The G1100 has three listening UPnP servers. One the user can disable and two they cannot. This advisory concerns the UPnP server on port 1901 that the user cannot disable.