Bugtraq mailing list archives

Re: The easy way to turn off Universal Plug-and-Play in Windows

From: Thor () HammerofGod com
Date: Fri, 28 Dec 2001 11:40:18 -0800


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 08:47 AM 12/28/2001, Richard M. Smith wrote:

This tool also confirmed that the FBI is currently giving out incorrect
instructions on how to protect a Windows XP from the UPNP security
holes.  I followed the FBI instructions, but Steve's utility was still
needed to get the right XP services turned off.  The FBI/NIPC Web page
that needs to get fixed is located at:

   http://www.nipc.gov/warnings/advisories/2001/01-030-2.htm



Many people have this wrong.  I have called NIPC, as well as emailed them, 
to notify them that they incorrectly instructing users to  disable the 
"Universal Plug and Play Device Host" when they should be telling people to 
disable the "SSDP Discovery Service."  Disabling the UPnP does absolutely 
nothing- the issue is within SSDP.

Additionally, one should note that Gibson's tool does, in fact, disable the 
UPnPDH as well, which will kill ICS (and probably other things).   Note 
that ICF/ICS is a different service, but i belive the implementation of ICS 
is via the UPnP protocol which requires the device host to function 
properly.  So saying it turns off the 'right' services is a bit dubious.

AD



-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPCzKoohsmyD15h5gEQJfmQCg2URsVJh6l5wCfs+kMGAj8PamwhgAoNVt
wEVejM3chs2sH0G3LVbCpztW
=EKwq
-----END PGP SIGNATURE-----

Current thread:

The easy way to turn off Universal Plug-and-Play in Windows Richard M. Smith (Dec 28)
- Re: The easy way to turn off Universal Plug-and-Play in Windows Thor (Dec 28)
- Re: The easy way to turn off Universal Plug-and-Play in Windows Thierry (Dec 29)