From: 'ken'FTU
Date: Fri Dec 21 2001 - 17:06:03 CST


    Try port 5000 for TCP and 1900 for UDP.

    'ken'

    Mark Medici wrote:

    > Does anyone have any information on the protocols and/or ports used
    > by Universal Plug-n-Play (uPnP)? I'm not looking for specific
    > sample code or a working exploit. However, I do want to know if
    > this vulnerability can be exploited from the Internet, and if so,
    > how to block it at our firewalls and border routers.
    >
    > Microsoft and CERT announced a vulnerability affecting Windows/XP,
    > Windows/Me and, potentially, Windows/98 with Universal Plug-n-Play.
    > See http://www.microsoft.com/technet/security/bulletin/MS01-059.asp
    > for details.
    >
    > Obviously, installing Microsoft's patch (Q315000 for Windows/XP, the
    > most critical platform) is essential. But users (our own and our
    > customers) frequently get new machines or reload existing ones and
    > put them on the network for several days before a SysAdmin learns of
    > their presence to properly patch them.
    >
    > If there are specific protocols and/or ports that can be associated
    > with Universal Plug-n-Play, then these can be blocked by our
    > firewalls, border routers and personal firewalls to protect against
    > exploits even if one of our users is remiss in installing patches.
    >
    > Further information is welcome.
    >
    >