How do I turn on UPnP in Vista? What are the advantages and disadvantages
of doing this?

It's on by default.

"Michael Styles" <mlstyles2079@bellsouth.net> wrote in message
news:A9A523F2-7AF6-440E-8F4E-1B3AFF06D3F3@microsoft.com...
> How do I turn on UPnP in Vista? What are the advantages and disadvantages
> of doing this?
>

On Sat, 04 Nov 2006 12:28:57 -0000, Michael Styles
<mlstyles2079@bellsouth.net> wrote:

> How do I turn on UPnP in Vista? What are the advantages and
> disadvantages of doing this?

The advantage, is that port mappings can be opened and closed when needed,
rather than having them mapped permenently. Having port mapping only when
an application needs them, increases security.

While it may increase security at the router it may decrease security
overall. Malware could take control of the router and open ports to allow
any type of access it wants. There are always trade offs.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca/phpBB2/


"Mark Gillespie" <mark.gillespie******.com> wrote in message
news:op.tihtier2j2q9yy@mark-pc.draytek...
> On Sat, 04 Nov 2006 12:28:57 -0000, Michael Styles
> <mlstyles2079@bellsouth.net> wrote:
>
>> How do I turn on UPnP in Vista? What are the advantages and
>> disadvantages of doing this?
>
> The advantage, is that port mappings can be opened and closed when needed,
> rather than having them mapped permenently. Having port mapping only when
> an application needs them, increases security.

On Sat, 04 Nov 2006 15:12:42 -0000, Kerry Brown
<kerry@kdbNOSPAMsys-tems.c*a*m> wrote:

> While it may increase security at the router it may decrease security
> overall. Malware could take control of the router and open ports to allow
> any type of access it wants. There are always trade offs.
>

I don't subscribe to your argument, as letting the malware on your system,
anything can happen. You can only achieve real security by preventing
these things getting on your network on the 1st place.


--
Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

I agree with your statement. Of course it is better to keep malware out.
UPnP configured routers can help with stopping malware from getting in. If
malware does get in then UPnP becomes a big security hole. I'm not saying
don't use UPnP to configure routers. I use this feature. I'm saying people
should be aware that it is also a possible security risk. Many tools are
also exploitable for things other than that which they are designed for.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca/phpBB2/


"Mark Gillespie" <mark.gillespie******.com> wrote in message
news:op.tih12dxvj2q9yy@mark-pc.draytek...
> On Sat, 04 Nov 2006 15:12:42 -0000, Kerry Brown
> <kerry@kdbNOSPAMsys-tems.c*a*m> wrote:
>
>> While it may increase security at the router it may decrease security
>> overall. Malware could take control of the router and open ports to allow
>> any type of access it wants. There are always trade offs.
>>
>
> I don't subscribe to your argument, as letting the malware on your system,
> anything can happen. You can only achieve real security by preventing
> these things getting on your network on the 1st place.
>
>
> --
> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/

A few weeks ago I was trying to determine whether the upnp setting in my
router would affect its' providing a wireless connection to Dads' PC
downstairs using dhcp. So in the end I just switched off upnp in the router
firmware and it doesn't seem to have affected anything. I think I also
renamed the SSID label and put in a strong WPA key because I read somewhere
that WPA is more secure that WEP.

....I'll have to have another go at reading up on upnp ....I just had a peek
in Services and it's set to manual and "stopped" / not running atm, so
nothing has come along and started upnp up ! ...so what's the upnp service
in XP, and the upnp switch in the router firmware for ? :-)

regards, Richard


"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
news:Om39wCDAHHA.3604@TK2MSFTNGP04.phx.gbl...
>I agree with your statement. Of course it is better to keep malware out.
>UPnP configured routers can help with stopping malware from getting in. If
>malware does get in then UPnP becomes a big security hole. I'm not saying
>don't use UPnP to configure routers. I use this feature. I'm saying people
>should be aware that it is also a possible security risk. Many tools are
>also exploitable for things other than that which they are designed for.
>
> --
> Kerry
> MS-MVP Windows - Shell/User
> http://www.vistahelp.ca/phpBB2/
>
>
> "Mark Gillespie" <mark.gillespie******.com> wrote in message
> news:op.tih12dxvj2q9yy@mark-pc.draytek...
>> On Sat, 04 Nov 2006 15:12:42 -0000, Kerry Brown
>> <kerry@kdbNOSPAMsys-tems.c*a*m> wrote:
>>
>>> While it may increase security at the router it may decrease security
>>> overall. Malware could take control of the router and open ports to
>>> allow
>>> any type of access it wants. There are always trade offs.
>>>
>>
>> I don't subscribe to your argument, as letting the malware on your
>> system, anything can happen. You can only achieve real security by
>> preventing these things getting on your network on the 1st place.
>>
>>
>> --
>> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>
>

UPnP in a router allows Windows to open and close ports on the router as
needed. Some programs like MSN Messenger take advantage of this for some
features. The ports remain closed on the router until Messenger needs them.
The security advantage is your ports are closed until needed. The
disadvantage is if malware does get into your computer it could open up
ports on your router to allow traffic for whatever it wants to do.

--
Kerry
MS-MVP Windows - Shell/User
http://www.vistahelp.ca/phpBB2/


"RJK" <notatospam********.com> wrote in message
news:%23tlRWMHAHHA.4428@TK2MSFTNGP04.phx.gbl...
>A few weeks ago I was trying to determine whether the upnp setting in my
>router would affect its' providing a wireless connection to Dads' PC
>downstairs using dhcp. So in the end I just switched off upnp in the
>router firmware and it doesn't seem to have affected anything. I think I
>also renamed the SSID label and put in a strong WPA key because I read
>somewhere that WPA is more secure that WEP.
>
> ...I'll have to have another go at reading up on upnp ....I just had a
> peek in Services and it's set to manual and "stopped" / not running atm,
> so nothing has come along and started upnp up ! ...so what's the upnp
> service in XP, and the upnp switch in the router firmware for ? :-)
>
> regards, Richard
>
>
> "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
> news:Om39wCDAHHA.3604@TK2MSFTNGP04.phx.gbl...
>>I agree with your statement. Of course it is better to keep malware out.
>>UPnP configured routers can help with stopping malware from getting in. If
>>malware does get in then UPnP becomes a big security hole. I'm not saying
>>don't use UPnP to configure routers. I use this feature. I'm saying people
>>should be aware that it is also a possible security risk. Many tools are
>>also exploitable for things other than that which they are designed for.
>>
>> --
>> Kerry
>> MS-MVP Windows - Shell/User
>> http://www.vistahelp.ca/phpBB2/
>>
>>
>> "Mark Gillespie" <mark.gillespie******.com> wrote in message
>> news:op.tih12dxvj2q9yy@mark-pc.draytek...
>>> On Sat, 04 Nov 2006 15:12:42 -0000, Kerry Brown
>>> <kerry@kdbNOSPAMsys-tems.c*a*m> wrote:
>>>
>>>> While it may increase security at the router it may decrease security
>>>> overall. Malware could take control of the router and open ports to
>>>> allow
>>>> any type of access it wants. There are always trade offs.
>>>>
>>>
>>> I don't subscribe to your argument, as letting the malware on your
>>> system, anything can happen. You can only achieve real security by
>>> preventing these things getting on your network on the 1st place.
>>>
>>>
>>> --
>>> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>>
>>
>

Thanks for your response.
....also, I've issued you a "sorry" ...on another thread somewhere, where my
warped sense of humour back-fired !

regards, Richard


"Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
news:%238ZYyzHAHHA.1196@TK2MSFTNGP02.phx.gbl...
> UPnP in a router allows Windows to open and close ports on the router as
> needed. Some programs like MSN Messenger take advantage of this for some
> features. The ports remain closed on the router until Messenger needs
> them. The security advantage is your ports are closed until needed. The
> disadvantage is if malware does get into your computer it could open up
> ports on your router to allow traffic for whatever it wants to do.
>
> --
> Kerry
> MS-MVP Windows - Shell/User
> http://www.vistahelp.ca/phpBB2/
>
>
> "RJK" <notatospam********.com> wrote in message
> news:%23tlRWMHAHHA.4428@TK2MSFTNGP04.phx.gbl...
>>A few weeks ago I was trying to determine whether the upnp setting in my
>>router would affect its' providing a wireless connection to Dads' PC
>>downstairs using dhcp. So in the end I just switched off upnp in the
>>router firmware and it doesn't seem to have affected anything. I think I
>>also renamed the SSID label and put in a strong WPA key because I read
>>somewhere that WPA is more secure that WEP.
>>
>> ...I'll have to have another go at reading up on upnp ....I just had a
>> peek in Services and it's set to manual and "stopped" / not running atm,
>> so nothing has come along and started upnp up ! ...so what's the upnp
>> service in XP, and the upnp switch in the router firmware for ? :-)
>>
>> regards, Richard
>>
>>
>> "Kerry Brown" <kerry@kdbNOSPAMsys-tems.c*a*m> wrote in message
>> news:Om39wCDAHHA.3604@TK2MSFTNGP04.phx.gbl...
>>>I agree with your statement. Of course it is better to keep malware out.
>>>UPnP configured routers can help with stopping malware from getting in.
>>>If malware does get in then UPnP becomes a big security hole. I'm not
>>>saying don't use UPnP to configure routers. I use this feature. I'm
>>>saying people should be aware that it is also a possible security risk.
>>>Many tools are also exploitable for things other than that which they are
>>>designed for.
>>>
>>> --
>>> Kerry
>>> MS-MVP Windows - Shell/User
>>> http://www.vistahelp.ca/phpBB2/
>>>
>>>
>>> "Mark Gillespie" <mark.gillespie******.com> wrote in message
>>> news:op.tih12dxvj2q9yy@mark-pc.draytek...
>>>> On Sat, 04 Nov 2006 15:12:42 -0000, Kerry Brown
>>>> <kerry@kdbNOSPAMsys-tems.c*a*m> wrote:
>>>>
>>>>> While it may increase security at the router it may decrease security
>>>>> overall. Malware could take control of the router and open ports to
>>>>> allow
>>>>> any type of access it wants. There are always trade offs.
>>>>>
>>>>
>>>> I don't subscribe to your argument, as letting the malware on your
>>>> system, anything can happen. You can only achieve real security by
>>>> preventing these things getting on your network on the 1st place.
>>>>
>>>>
>>>> --
>>>> Using Opera's revolutionary e-mail client: http://www.opera.com/mail/
>>>
>>>
>>
>
>