Forums Feature Suggestions Support for UPnP routers

Hello,

There is an increasing number of routers on the market which support the UPnP (Universal Plug and Play) feature. This makes the router work in conjunction with the operating system and applications to create dynamic port forwarding rules in the router for applications on each computer when they need them. This made the life of home or small network administrators a lot easier, they no longer have to manually configure the router for voice chatting with MSN or NetMeeting, as UPnP will automatically create those rules when the application opens a listening socket. Similarily, UPnP support could be helpful in mIRC, for automatic configuration with IDENT requests and DCCing. Windows XP natively supports UPnP (the router will appear in My Network Places as "Internet gateway"), so do other applications from Microsoft (the UPnP group is led by Microsoft), but Windows 2000 and older don't and neither does mIRC. Do you think this is a reasonable request? Can I hope to see it implemented in the following version of mIRC?

Thanks in advance,
puterfixer

I haven't actually followed too far up on UPnP, but from the looks of it, it may be a tad insecure

( http://www.grc.com/unpnp/unpnp.htm )

I have a great respect for Gibson and his work, I've learned a lot about security from his site, but I wouldn't always take his word as absolute truth. Keep in mind that he designed that firewall-testing tool, ShieldsUp if I remember right, which attempts to connect to a FTP server on the Internet, supposedly to check how secure your firewall is. And, of course, most firewalls will allow an outgoing connection to a FTP server (duh, if you have Internet access you probably want HTTP and FTP access) then tell you that your system is vulnerable. Pfft.

Second, UPnP is created by Microsoft, so you can't expect too much of it. However, it can simplify a lot the router configuration in most SoHo networks, where security is not critical. Think of the numerous broadband connections for home where only one PC or maybe two are connected to the router, and the user doesn't know more than "plug in, power up, enjoy." Such folks won't even set a password for their network shares, so the UPnP security is the last problem to consider. But, enabling UPnP in router and having mIRC use this feature would be a huge step forward for the network-noob. After all, most problems I get in #mirchelp on Undernet are about making DCC work through DSL/Cable routers, and people scratch their heads even when they get a step-by-step tutorial with pictures. "Log in to the router?! What's the password? Oh, in the router's manual? But I didn't keep the manual! Manufacturer's site? What's a FAQ? What are virtual server, ports, IP? I don't understand a thing, forget it! This program sucks." You got the picture

Third: I just read GRC's page, and yes - it seems reasonable to disable UPnP on Windows XP, IF it is directly connected to the Internet rather than connected through a UPnP-enabled router. Like any service, it could be exploited somehow, but that doesn't mean it's not useful when used with a router.

Any updates on enabling UPnP support in future mIRC versions? Just keeping the suggestion active.

Personally, due to the security issues which, whether you rely upon Gibson's advice or not, are present with UPnP, I don't think it's that great an idea. Especially as it is not a necessity. Whilst this would make life easier for users, it is not absolutely mandatory for routers to work in conjunction with ident requests or the DCC feature. There are a number of threads which help people set up these features with routers by providing info on which ports are needed and/or how to contact the router manufacturer.

What's more, I think if it were to be incorporated, it'd be important to wait for most people to actually have UPnP. As you say, Win2k does not support it and so I don't suppose Win98/95 [edit for Mentality] do either, or ME.

Basically, although it might be useful for a few, I think this should remain nearer the bottom of the list. It won't be useful to that many people (in relation to the total number of mIRC users anyway), there are security issues related to it and it's still possible for DCC/Ident to work without it.

My 2 cents.

Regards,

* Mentality re-reads post

Sorry for the invention of Windows 96 :P

-6+5

Regards,

I'd like to see this added too.

UPnP support will not be added to older operating systems. Support for Windows 98 and previous versions has ceased, and Microsoft is trying to sell XP now - UPnP being one of its new features. Why would they implement it in older versions and make Windows 2000 users happy for avoiding the upgrade to XP?

But, applications running on older versions of Windows _CAN_ support UPnP. It works flawlessly in MSN Messenger, I was really happy to be able to use MSN Messenger on two networked computers without the need to configure the router at all! UPnP-enabled mIRC could work the same.

UPnP insecurity is irrelevant. Microsoft Windows XP's default setting is enabled, and mIRC can't change that; therefore, the insecurity of the system will still exist. mIRC could have the UPnP features disabled by default too, but at least give people the possibility to use it when they are behind a UPnP-enabled router. By the way, when users are behind the router, their UPnP vulnerability is no longer exploitable from the Internet.

I don't know how else could I argue in favor of adding UPnP features to mIRC. It's all up to Khaled anyways.

I'd like to see this added too.

Being banned from these forums doesn't mean "come back and leave 'me too' replies on your posts", EVH/Rock.

EVH/Rock? who is EVH/Rock? I don't know this person.
My name is Tony how are you I am fine

A new version was released, yet no word on UPnP support. I'd really appreciate an oppinion from Khaled or one of the other developers, if there are any. Thanks in advance.

It is difficult to provide every feature suggestion with thoughts or an excuse on why it wasn't added to the current release, or if it will ever be added. This pressures Khaled into a Yes or No commitment, which tends to cause arguements or hurt feelings if he decides against it or fails to follow through.

I have over a dozen, what I consider reasonable, feature suggestions that I've been waiting for many versions to see. Patience is a virtue.

- Raccoon

I completely understand; didn't intend to force anything, not even an answer. I was simply curious if Khaled finds the idea interesting or at least worth keeping in mind for future improvements. I can only imagine the amount of documentation to read to understand how UPnP works and how to properly implement it; most likely it will take more time to add this feature than solve a few dozen minor bugs. But it could also mean the end of DCC-related problems.

As Gibson states on his site the fault is not UPnP itself, it's Microsoft's UPnP WinXP server. Any mIRC implementation wouldn't use WinXP's server, it would be a client connecting to a different server. It wouldn't make the computer more insecure at all. My support is definitely behind this, my own network could benefit greatly from this and I'm sure there are many others like me.

Edit: Oh, and here's a demo written by someone else who'd like to see mIRC support UPnP: http://www.knoxscape.com/Upnp/NAT.htm
And here's Gibson's own ShieldsUp! demonstrating why not using UPnP can be worse than using it:

give me a break, IPv6 support might not be necessary yet but UPnP should be implemented/supported

Definatly .. it would make dcc so much easier for many users, especially those using laptops that travel from network to network or just for people who arn't that net savy (or lazy like me hehe). UPnP can be insecure but as mentioned before the main problem is that WIndows XP has it enabled as defualt and that isnt appropriate for many users.

I know Khaled doesn't often reply to posts but hopefully he might read this so heres the link for UPnP with c++ under Windows XP:

Microsoft UPnP API

We dont NEED it to be added to the program proper. this can be handeled through a dll (c++ libraries exist for uPnP) and some creative scripting.

Same went for SSL but it was added .. I too would like to see UPnP support added.

This subject has been run into the ground anyway .. he's seen it plenty I'm sure.

I'm surprised nothing has been done towards this.

I'm fairly sure uPNP would be easy enough to implement into mIRC.

Its been discussed so many times in the past, yet no progress seems to be made.