Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
From: Marc Maiffret (marceeye.com)
Date: Wed Jan 30 2002 - 15:02:34 CST
Microsoft MSN Messenger sends out UPNP broadcasts. Are you running
Chief Hacking Officer
eEye Digital Security
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities
| -----Original Message-----
| From: David L Kindred (Dave) [mailto:kindredtelesciences.com]
| Sent: Wednesday, January 30, 2002 8:46 AM
| To: focus-mssecurityfocus.com
| Subject: UPnP on Windows 2000 Pro?
| I have a Windows 2000 Pro machine that seems to be generating UPnP
| traffic (UDP port 1900). Some research on Google leads me to believe
| that UPnP just doesn't exist for Windows 2000. So, that leads to the
| following questions:
| 1) Are the various resources I found with Google out-of-date and is it
| possible to have UPnP running on a W2K box? If so, can it be
| disabled? How did it get enabled in the first place?
| 2) Is there a virus/trojan/worm that uses UDP port 1900 for its own
| 3) Is there anything else that would be generating periodic traffic on
| UDP Port 1900?
| David L. Kindred <mailto:d.kindredtelesciences.com>
| Unix Systems & Network Administrator Telesciences, Inc.
| Phone: +1 856 642 4184 2000 Midlantic Drive, Suite 410
| Fax: +1 856 866 0185 Mount Laurel, NJ 08054 USA