1

I am wondering what the security implications are between running UPnP or Port Forwarding on my Netgear R6300 router are.... is one better than the other?

If I have UPnP turned on and this test passes successfully (https://www.grc.com/su/UPnP-Rejected.htm), do I have anything to worry about?

Google brings up tons of links, but I wanted to ask some experts.

I ask this because I see things like this in my router log:

[LAN access from remote] from 190.254.53.18:18574 to 192.168.0.100:51413, Monday, Jun 18,2012 22:18:11
[LAN access from remote] from 196.202.208.56:24386 to 192.168.0.100:51413, Monday, Jun 18,2012 22:18:11
[LAN access from remote] from 2.49.247.156:60509 to 192.168.0.100:51413, Monday, Jun 18,2012 22:18:11
[LAN access from remote] from 77.122.207.45:33358 to 192.168.0.100:51413, Monday, Jun 18,2012 22:18:10

Thanks...

NinjaCat
  • 576
  • 1
  • 9
  • 20
  • 2
    You're comparing apples and oranges. uPnP is a communications mechanism that enables devices on a network to set up port forwards for themselves. As such, it's a security nightmare, and has no place on even a well-managed home network let alone a professional network. – EEAA Aug 05 '13 at 20:53

1 Answers1

2

Use manual port forwarding to accomplish what you need.

Enabling UPnP support destroys most of purposes of firewall/NAT, as infected machine now has simple and universal interface to redefine firewall at will (in effect disabling any security)

and your logs are okay, it says that service running on local machine in LAN on port 51413 has been accessed from various IPs from the Ineternet (probably due to application using uPnP to enable access from outside to that port. Or manual forwarding setup)

Matija Nalis
  • 2,409
  • 23
  • 37