The rise in reflection and amplification of DDOS that involves UPnP devices has become a serious threat to the Internet infrastructure. It is clearly evident that DDOS attack can be an attack that happens once the system is well identified, developed and incorporated with new resources. The coming future of Internet users could be not very smooth and efficient if these types of attacks continue to develop and refine their techniques and tools. There should be more action from the firmware, application and hardware vendors to mitigate and manage these types of threats.
However, Akamai security experts recommend two ways:
- Blocking source port 1990 traffic to your host to prevent bandwidth loads to services that do not use UPnP service, such as web hosting.
- System hardening as way of minimizing potential threats, which involves:
- blocking all wide-area Network (WAN) – based UPnP requests to client devices,
- Disabling UPnP service on devices where it is not a basic requirement and proactively patching and updating UPnP devices that are open to the Internet.
Read the full article here – http://resources.infosecinstitute.com/ddos-upnp-devices/