Hi,

i bought the Asus WL500g Premium a couple of weeks ago, and by now I really wonder if it is safe. Because when I today checked my Router Webpanel, i saw Ports forwarded in the Status & Log section that I didn´t add. And when I checked in the few ones I added myself, there were no others to delete.

So what happend, did someone hack my Router ? :(

nope, that is UPnP at work;)

basicly what happens is:
your pc wants a port to be opened because it can't communicate trough it, it requests the port to be port-forwared to him via UPnP

you can disable this in the router: IP config -> Miscellaneous ;)

applications like MSN, torrent clients and games use this
it's only working INSIDE your network, so nobody can portforward something from outside (on the internet):)

Thank you, i disabled UPnP. ;) Hopefully that does it.

Wolfseye

the ports might be portforwared for some time tough...
or you have to go back to factory defaults to remove those settings:)

So is it not dangerous to keep UPnP enabed ? Since I am using some of these Softwares, like Torrent, MSN etc. , whats the risk if I keep UPnP enabled ? Do I risk my PC with that for people to exploit that.

Your oppinions would be appreciated.

If you google for "upnp security risk" you'll find enough things to trouble you.

It's not that the router itself is insecure. It's main job is to block connections initiated from the outside and it does that very well. Until UPnP comes in. What UPnP basically means is that any program running on your computer can tell the router to do port forwarding. Normally (ie. without UPnP), you, the person, is the only one who can tell the router to open ports on the outside and forward them to the inside (the LAN) to a computer. But with UPnP any program can do it by itself. So if you get a trojan or something bad from the Web, it can open up your LAN to a lot of trouble.

Not that you wouldn't already be in a lot of trouble, with something bad off the net running on your personal computer. But at least it won't be able to expose your entire LAN even more. And there's more stuff that UPnP can do that can be abused very badly. Read this (http://networking.nitecruzr.net/2006/01/nat-routers-with-upnp-security-risk-or.html) for more details.

So, what I do is I disable UPnP in my routers. If a program needs a port forwarded I'll do it myself, thank you. Sure, UPnP is easier for people who don't know how to do forwarding by hand. But it's not that hard and it's more secure, so that's what I advise you to do: disable UPnP and learn to forward ports in the router admin interface.

so that's what I advise you to do: disable UPnP and learn to forward ports in the router admin interface.

Thats no problem, doing that for some time. Just wondering if there would be much to think about with UPnP. Didn´t check on that yet closely. So I will keep with UPnP disabled and just do the Port forwarding as needed. ;)

Thanks for all your comments. :):)