Universal Plug and Play (UPnP) is becoming an omnipresent technology and support for it is being added to more and more routers, gateways and DSL modems. Chat clients (MSN Messenger), networked games and gaming networks (X-Box Live and others) depend on UPnP to work correctly. Up until now, there haven't been any real problems with UPnP, except for the occasional buffer overflow. UPnP seems to be working just fine. But it's not! The protocol is unclear and flawed by design and many implementations have security holes you can drive a truck through, leaving your network open to a variety of interesting attacks.

After this lecture you will understand what's wrong with UPnP and why you want to turn it off on your networked devices.