Yet Another Router Security Issue
A serious flaw in an estimated 1.2 million routers has been discovered that lets hackers into your home or office network – they can even take control of your network. The problem lies with a feature called NAT-PMP (Network Address Translation – Port Mapping Protocol) which allows you – or someone else – easily setup a connection to things like a security camera or file server.
Ideally, the only way to turn on and configure NAT-PMP is if you’re already connected to your wireless network. However, some routers have NAT-PMP turned on by default and will let anyone outside the network configure it which means that a hacker can snoop on and even control things within your network, or things that you’re monitoring from outside the network. This includes snooping on your Internet browsing, re-directing your browsing to malicious sites, peeking at your security camera video or seeing what Internet-enabled gadgets you have in your home.
Unfortunately, no one knows yet exactly what routers are affected. NAT-PMP is often a feature on Apple, ZyXEL, Linksys and Netgear routers, but the models that might have the wrong settings are unknown. Routers from other companies may be affected as well.
To check if you’re affected, you’ll need to log in to your router. Open your browser of choice and type in the router’s IP address. You can find this in your router manual. Look for the settings involving “NAT-PMP.” You’ll probably see “NAT” or “Network Address Translation” on its own as well. Don’t change those – they aren’t the problem.
Turn off any settings concerning NAT-PMP and “external” or “untrusted” interfaces then save the settings. If you don’t see these settings anywhere, you probably are safe. However, while you’re there, also look at your “port forwarding” settings to make sure there’s nothing on the list you haven’t set up yourself. Anything on that list is a potential weak spot in your security if you don’t know what it does.