Xbox 360 and XBL
Some routers are 'certified' as "Xbox Live Compatible", which is a marketing exercise to promote the router for typical home use. Don't fall for it - it just means the router has UPnP enabled as standard. You don't need UPnP on a typical home router and if you're about to buy one, ensure that it can be disabled from the admin screens, especially in light of this exploit.
To make XBL work on a router without UPnP running, do the following (should work for common Netgear or DLink interfaces, else you'll have to work out the equivalents for your router):
1. Tell the router to always give the Xbox (identified by its MAC address) the same IP each time -OR- set the Xbox to have a static IP. Either way the goal is to make sure the Xbox always has the same IP.
2. Create a new service called XBL88 and set it as TCP and UDP port 88. In the Netgears you can select TCP and UDP and have to specify the start and end port, just make them both 88.
3. Reapeat for a service called XBL3074 for port 3074.
4. In your firewall rules say that anything inbound for the XBL88 and XBL3074 services is forwarded to the IP address reserved earlier for your Xbox. This is two rules in 'Inbound Services' in the Netgears.
5. Make sure you apply changes as you go. Boot up the Xbox and confirm it has the correct IP in the Settings / Network blade. Test the connection to XBL, the NAT type should be 'Open'.
That's it. Forwarding the ports is what UPnP would have done dynamically for you.