UPnP

How can I secure my WiFi router?

TP Link Router

Episode 1684

Bruce from Carlin, NV

Bruce wants to know how he can secure his WiFi router. Leo says to first enter the router address (198.x.x.x) and then change the default password. Then, turn off Administer via WLan. This will prevent someone from the outside controlling your router. Step 3, turn off UPNP (aka universal plug-in play). This prevents a device inside of your network, like an Xbox, opening up your router to the internet when you don't want it to. Lastly, turn on WPA2 security encryption.

Why can't I use my Nest Cam with my network?

Nest Cam

Episode 1284

Frank from Pomona, CA

Frank is having trouble installing his Nest Cam. It won't work unless he turns off his firewall. Leo says that's not good. But it's the nature of a firewall, as it blocks a conversation between incoming and outgoing traffic. That's why Leo recommends using a router instead. He can also use the DMZ feature, where he could allow the Nest Cam to bypass protection. Leo doesn't recommend it, but it can be one option.

Am I safe from hackers with "closed" ports?

Episode 1056

Richard from Grand Rapids, MI

Richard ran Shields Up! recently, and it all came back as "stealth." Then he installed iTunes and now three results come back as "closed." Leo says that "closed" is OK. He won't want the results to come back as open. This is why Shields Up! was invented, because software like iTunes ends up making computers visible. Leo also recommends turning off Universal Plug and Play (UPnP).

How can I talk to my dog over the Internet?

Episode 1037

Gary from California

Gary wants to connect to his home network over the internet so he can see his dog via his Samsung camera and talk to him. It requires uPNP to do this. Leo doesn't like uPNP because it has security issues with opening a port to the outside world. The problem is that it's automatic. If malware gets in, it'll open via uPNP and Gary will be vulnerable.

Leo says he can DMZ it or use as guest. Port forwarding is the manual way to do this, and is completely safe. So if he can find out the port that his Samsung camera uses, he could do it that way.

Does DSL Extreme's Router work with XBox Live?

Episode 968

James from San Diego, CA

James wants to know if DSL Exteme's router will work with XBox Live. Leo says that it will work with all internet services. XBox Live configures the router to use Universal Plug n Play, and that's a security issue. So he'll want to use port forwarding to get around that and keep UPnP disabled. There may be a bit of latency, but DSL has less latency than a cable provider.

(Disclaimer: DSL Extreme is a sponsor).

Steve Gibson and the UPnP Bug

Episode 952

Steve Gibson joins Leo to talk about the UPnP bug. It's one of the most nefarious exploits out there and the media isn't talking about it because it's just too "geeky." Security groups scanned over 4.3 Billion routers connected online, looking for a vulnerability. There are hackers probing as well. It's stunning that over 81 million are vulnerable due to a bug in the router software that will give hackers access to their personal networks. Steve advises turning off UPnP in the router settings.

What should I do about a mysterious Windows account that showed up?

Episode 951

Bob from Moreno Valley, CA

Bob turned on his computer and found a new account named "John" on it. Leo says that's cause for concern. It could be a form of malware that gave a hacker remote access to the system. Why they'd choose a standard account, vs. an administrator account is somewhat of a mystery. Steve Gibson talked about a new malware issue that's popped up recently. It's a really nasty flaw in routers that was just discovered last week that exploits universal plug n play. Bob should run GRCs Shields Up to see if his router has that flaw.