Microsoft MSN Messenger sends out UPNP broadcasts. Are you running
messenger?

Signed,
Marc Maiffret
Chief Hacking Officer
eEye Digital Security
T.949.349.9062
F.949.349.9538
http://eEye.com/Retina - Network Security Scanner
http://eEye.com/Iris - Network Traffic Analyzer
http://eEye.com/SecureIIS - Stop known and unknown IIS vulnerabilities

| -----Original Message-----
| From: David L Kindred (Dave) [mailto:kindredtelesciences.com]
| Sent: Wednesday, January 30, 2002 8:46 AM
| To: focus-mssecurityfocus.com
| Subject: UPnP on Windows 2000 Pro?
|
|
| I have a Windows 2000 Pro machine that seems to be generating UPnP
| traffic (UDP port 1900). Some research on Google leads me to believe
| that UPnP just doesn't exist for Windows 2000. So, that leads to the
| following questions:
|
| 1) Are the various resources I found with Google out-of-date and is it
| possible to have UPnP running on a W2K box? If so, can it be
| disabled? How did it get enabled in the first place?
|
| 2) Is there a virus/trojan/worm that uses UDP port 1900 for its own
| purposes?
|
| 3) Is there anything else that would be generating periodic traffic on
| UDP Port 1900?
|
| Thanks.
|
| --
| David L. Kindred <mailto:d.kindredtelesciences.com>
| Unix Systems & Network Administrator Telesciences, Inc.
| Phone: +1 856 642 4184 2000 Midlantic Drive, Suite 410
| Fax: +1 856 866 0185 Mount Laurel, NJ 08054 USA
|

• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]