NAT-PMP Detection (local network)

Info Nessus Plugin ID 73125

Synopsis

It is possible to create mappings to the local network.

Description

The remote device has the NAT-PMP protocol enabled. This protocol allows any application on the local subnet to request port mappings from the outside to the inside.

Make sure the use of this service is done in accordance to your security policy. Letting any application create dynamic mappings is usually not recommended.

Solution

Filter incoming traffic to UDP port 5351.

Plugin Details

Severity: Info

ID: 73125

File Name: nat_pmp_local.nasl

Version: $Revision: 1.1 $

Type: remote

Published: 2014/03/20

Modified: 2014/03/21

Dependencies: 73124

Risk Information

Risk Factor: Info

Vulnerability Information

Required KB Items: Services/udp/nat-pmp