If you ever used dial-up networking to access the internet, you probably remember it mostly for being cumbersome and slow.

But it was also astonishingly insecure, because your computer – which was probably running Windows 95, Windows 3, or even good old DOS – ended up with a public-facing IP number, connected straight onto the internet. Other users out there could, literally and figuratively, reach out and probe your computer directly.

In recent years, however, we’ve got used to the idea that home computers don’t get plugged directly onto the internet – they typically connect through a router instead, and it’s the router that’s plugged into the internet connection.

Indeed, it’s tempting to assume that home routers came about specifically to address the security risks inherent in connecting laptops and other home devices straight onto the internet…

…but the truth is that the main reason for having a home router is to support multiple devices through connection sharing. That means your ISP only needs to hand out one IP number per household, rather than one IP number per device.

The “trick” used for internet connection sharing is called NAT, short for Network Address Translation, and it’s a way to allow a single home router to divide up your internet connection automatically between any number of devices. The NAT software on your router keeps track of which internal devices have made what outbound network requests to which external servers, and sorts out the inbound replies so that they get back to the right place.

But NAT doesn’t work automatically for inbound traffic. If a brand new network request arrives from the outside asking to be sent to your mail server or your web server, for instance, there’s no way for your router to know in advance where to redirect that packet inside the network.

NAT therefore has the handy side-effect, in theory at least, of boosting security – by default, your internal devices can’t be probed directly from the outside. Unless and until you configure your router to tell it where and how to redirect inbound connection requests, NAT basically acts as a firewall that causes incoming connections to fail harmlessly.

It’s easy to assume that any internal devices behind your router are “invisible by default”, and thus that anything you connect to the private part of your network is safe from discovery and attack – including your computers, phones, tablets, file servers, thermostats, webcams, printers… and your Chromecast media streaming devices.

In practice, however, NAT alone simply isn’t enough to keep the crooks out.

Firstly, some routers come with externally-facing services of their own, such as a web interface, turned on by default. In this case, crooks can attack your network by probing for bugs on the router itself. If they can figure out how to run unauthorised commands on your router, they can reconfigure the router to enable inbound access for future attacks.

Secondly, some routers come with a system called Universal Plug and Play (UPnP) turned on by default. UPnP is a protocol that devices inside separate, NATted networks can use to identify and communicate with each other, with their respective routers co-operating to open up the necessary connectivity and packet forwarding automatically.
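
The NAT behaviour described in this article, modelled as a short Python sketch (an added example, not code from the original article): replies to tracked outbound requests are delivered, unsolicited inbound packets are dropped, and a forwarding rule of the kind UPnP can request makes an internal device reachable. The class, addresses and ports are constructed for illustration, and the filtering is simplified compared with real router firmware.

```python
from dataclasses import dataclass, field


@dataclass
class NatRouter:
    public_ip: str
    next_port: int = 40000                        # constructed starting port
    outbound: dict = field(default_factory=dict)  # (int_ip, int_port, remote) -> public port
    sessions: dict = field(default_factory=dict)  # (public_port, remote) -> (int_ip, int_port)
    forwards: dict = field(default_factory=dict)  # public_port -> (int_ip, int_port)

    def send_out(self, int_ip, int_port, remote_ip, remote_port):
        """Internal device connects out; the router records it and rewrites the source."""
        remote = (remote_ip, remote_port)
        key = (int_ip, int_port, remote)
        if key not in self.outbound:
            self.outbound[key] = self.next_port
            self.sessions[(self.next_port, remote)] = (int_ip, int_port)
            self.next_port += 1
        return (self.public_ip, self.outbound[key])

    def add_forward(self, public_port, int_ip, int_port):
        """A forwarding rule, set by hand in the router UI or requested via UPnP."""
        self.forwards[public_port] = (int_ip, int_port)

    def receive_in(self, remote_ip, remote_port, public_port):
        """Return the internal (ip, port) the packet reaches, or None if it is dropped."""
        hit = self.sessions.get((public_port, (remote_ip, remote_port)))
        if hit:
            return hit                            # reply to a tracked outbound request
        return self.forwards.get(public_port)     # None unless a rule exposes this port

    def exposed(self):
        """Audit view: every internal endpoint reachable from the internet."""
        return sorted(self.forwards.items())


def demo():
    r = NatRouter("203.0.113.7")                  # all addresses below are constructed
    src = r.send_out("192.168.1.20", 51000, "198.51.100.5", 443)
    reply = r.receive_in("198.51.100.5", 443, src[1])   # expected: delivered
    probe = r.receive_in("192.0.2.66", 4444, src[1])    # expected: dropped
    r.add_forward(8080, "192.168.1.50", 80)             # e.g. a webcam opened via UPnP
    after = r.receive_in("192.0.2.66", 4444, 8080)      # now reachable by anyone
    return src, reply, probe, after, r.exposed()


if __name__ == "__main__":
    print(demo())
```

The `exposed()` list is the part worth checking on a real router: every entry in its port-forwarding or UPnP table is an internal device that NAT no longer hides.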