Several years ago, everyone on the Internet was talking about a security bug in Windows' Universal Plug and Play (UPnP) component. This news scared many users to the extent that they never installed or enabled UPnP on their Windows platforms, let alone purchased UPnP devices. But Microsoft fixed the bug long ago, and now many (if not most) networked devices such as media players and broadband routers are UPnP enabled, letting systems administrators remotely manage them. What you might not realize is that other people and applications might be compromising your network's security by modifying devices such as your UPnP broadband router.
Understanding the Threat
Broadband routers are a type of Internet Gateway Device (IGD)—that is, a device that lets you access the Internet. Most people know IGDs by their more common names: router, wireless router, broadband router, cable modem, Network Address Translation (NAT) device, and wireless Access Point (AP). Typically, you can configure IGDs through a Web page hosted on the device. However, some vendors provide configuration utilities that locate and configure the device without user intervention. Such automatic device integration is commonly achieved through UPnP. . . .
