The Test Router Vulnerabilities tool is used to check your router setup and find open ports using UPnP and NAT-PMP which may lead to external access. This feature also lets you close open ports you may find.
Router Setup and Open Ports
For data to pass between the Internet and your network, the information must travel through virtual ‘holes’ in the router’s software, called ports. Ports allow the information to pass in and out of your network, and direct the information to the correct devices.
Think of your router as a house. A port is like your front door. The door is closed unless you want someone to enter your house. Similarly, a port is only opened when it is used. Also like a door, if a port is weak or left open, intruders can enter.
There are 65,535 ports on your router but they are not all permanently open.
Secure ports are either opened manually by the owner of the network or by inbuilt protocols, such as UPnP and NAT-PMP. These protocols are designed to save users the effort of having to manually open ports; they give permission to the devices within the network to open ports on their own.
The Router Vulnerability tool checks for both external public Internet and internal or home network vulnerabilities.
Check Router Vulnerability on Fing Desktop
To check router vulnerability on Fing Desktop, from the Dashboard navigation menu, select Tools > Test Router Vulnerabilities. The Router Vulnerability window displays any open ports and also a summary of your router setup.
Check Router Vulnerability on Fing Mobile App
- Click the Tools tab on the bottom toolbar
- Click the Router vulnerability check widget under the heading Improve your network security
Results
Once the check is completed, Fing will show you:
- Details about your router.
- Details about your setup.
- Open ports on your router (only if vulnerabilities are detected).
If an open port is identified, select the port and close it manually.
Definitions Related to Router Vulnerabilities
Port Forwarding
Port forwarding or port mapping is an application of network address translation (NAT) that redirects a communication request from one address and port number combination to another while the packets traverse a network gateway, such as a router or firewall.
UPnP
Universal Plug and Play (UPnP) is a network protocol that allows compliant devices to automatically set Port forwarding rules for themselves. These devices can be personal computers, printers, security cameras, game consoles, or mobile devices that communicate with each other and share data over your network.
To disable UPnP, access your router's setup page using a web browser. The UPnP settings are usually under Advanced Network settings.
NAT-PMP
Nat-PMP is a similar protocol to UPnP, in that it allows compliant devices to automatically set Port forwarding rules for themselves.
To disable NAT-PMP, you will need to access your router's setup page using a web browser. You will likely find the NAT-PMP settings under Advanced Network settings.
UPnP & NAT-PMP Risks
These protocols are considered a vulnerability because when they are enabled on your devices, they can poke holes in the Router Firewall. This means that if a device is compromised through hacking or malware, your router is open for vulnerabilities.
These protocols allow opening ports and creating port mapping and forwarding automatically, without any authentication.
Open Ports via UPnP or NAT-PMP
When your router allows UPnP or NAT-PMP port forwarding, some programs or applications may open or leave open ports redirecting a communication request from one address and port number combination to another.
An open port is a TCP (Transmission Control Protocol) or UDP (User Datagram Protocol) port number that is actively accepting packets. (UPnP & NAT-PMP are both samples of TCPs). In other words, behind an open port is a system that is receiving communication. By contrast, a closed port rejects or ignores packets.
Further information
Click here for a comprehensive library detailing device vulnerabilities.
Need help?
Click the Submit a request button at the top right of the page.
Comments
0 commentsPlease sign in to leave a comment.