We often hear that we should disable UPnP on our devices. We also hear that UPnP makes our devices vulnerable to cyber attacks. What is UPnP? How does it work? And how does UPnP make our devices more vulnerable? Let’s understand that in more detail.
What is UPnP?
UPnP technology allows device-to-device networking of mobile devices, personal computers, networked home appliances, or other consumer electronics. It is a distributed and open architecture protocol based on standards like TCP/IP, HTTP, XML, SOAP, etc.
Sometimes, when we want to use a printer, we connect it to the home network, and the devices in the network can then communicate with the printer. This is possible because of UPnP. Previously, we would need to manually search for the printer in the network and configure it before other devices could communicate with it.
UPnP is an extension of plug-and-play technology that facilitates the discovery of a hardware component in a system without the need for physical device configuration or user intervention in resolving resource conflicts. Before the plug-and-play technology, users would need to cut and solder connections or configure the hardware device using jumpers and DIP switches.
UPnP architecture supports zero-configuration networking. Zero configuration networking is a set of technologies using which computers and network peripherals can automatically create a usable computer network based on TCP/IP when the devices are interconnected. It does not require manual intervention for that purpose. Without zero-configuration networking, a network administrator has to set up network services, such as Dynamic Host Configuration Protocol or DHCP and DNS, or configure each computer network settings manually. But, using zero-configuration networking makes this manual intervention redundant by automatically assigning network addresses for network devices, automatic distribution and resolution of computer hostnames and automatic location of network services, such as printing devices.
A UPnP-compatible device from any vendor can dynamically join a network, obtain an IP address, announce its name, advertise its capabilities, and learn about the presence and capabilities of other devices in the network. Devices can also disconnect from the network automatically. Moreover, UPnP architecture can optionally enable devices to present a user interface through a web browser.
UPnP stacks are available for most platforms and operating systems.
How does UPnP work?
UPnP can run on a network that uses Internet Protocol or IP. It then leverages protocols like …
0 Comments