Security Incidents mailing list archives

Re: Microsoft Windows ME and TCP/5000

From: "Magus Ba'al" <magusbaal () DIGITALBASTARDS NET>
Date: Fri, 9 Mar 2001 04:47:26 -0700

Tier 2 support at HP will probably know about HP Backweb. It's an
auto-updater to allow HP to stick updates on their servers and let the HP
Backweb client (installed on all HP Pavilion models) connect and grab the
updates. It was an initiative to help reduce calls into Tech Support for
issues that could be resolved by getting the updates. It (supposed to...)
works by downloading when you're idle (reading a webpage/email, forgot to
disconnect, broadband, etc.), and when the update is downloaded, it'll
install it and ask you to reboot. Nice idea, but doesn't exactly work
correctly all the time. Why didn't you wipe the machine and start from
scratch (less HP crap on there :)


"Also, don't forget to visit www.hp.com for online technical support,
available 24 hours a day..." (almost makes you think i used to work there
huh, heh...)



Steven Beverly
Some guy working for some ISP


"Failure is not an option, it comes pre-installed with your Windoze
software..." -Unknown

"He who fights with monsters should look to it that he himself does not
become a monster...when you gaze long into the abyss the abyss also gazes
into you." -Friedrich Nietzsche

"Time is dead...I stabbed him in the eye with a fork." -Poxin


-----Original Message-----
From: Incidents Mailing List [mailto:INCIDENTS () SECURITYFOCUS COM]On
Behalf Of Vachon, Scott
Sent: Monday, March 05, 2001 10:54 AM
To: INCIDENTS () SECURITYFOCUS COM
Subject: Re: Microsoft Windows ME and TCP/5000

I found "Backweb Server" running on my "New" HP
Pavillion and determined it was "factory" installed
for some kind of automatic updates.  HP tech support
didn't know anything about it.  You could install some
tcp port monitor like TDImon to determine what app is
running on the port.


HP knows about it. Tech supp itself  does not know about it because it is
not in their "scripts." It was one of the first factory installed items I
removed from my system. I found I had to remove the backweb software plus
about four other "pests" sending data to HP ip addresses.

-S-

Disclaimer: My own two cents.

Current thread:

Re: Microsoft Windows ME and TCP/5000, (continued)
- Re: Microsoft Windows ME and TCP/5000 George Bakos (Mar 01)
- Re: Microsoft Windows ME and TCP/5000 Todd A. Garrison (Mar 01)
  - Re: Microsoft Windows ME and TCP/5000 V. L-M (Mar 02)
    - Re: Microsoft Windows ME and TCP/5000 Jeff Pults (Mar 05)
    - Apache logs John A. Kotulak (Mar 05)
    - Re: Apache logs Pedro Ortale Neto (Mar 05)
- Re: Microsoft Windows ME and TCP/5000 Bock, John (ISS San Francisco) (Mar 02)
  - Re: Microsoft Windows ME and TCP/5000 Joe Matusiewicz (Mar 02)
    - Re: Microsoft Windows ME and TCP/5000 Eric Fagan (Mar 05)
- Re: Microsoft Windows ME and TCP/5000 Vachon, Scott (Mar 05)
  - Re: Microsoft Windows ME and TCP/5000 Magus Ba'al (Mar 09)
- Re: Microsoft Windows ME and TCP/5000 Timothy Lyons (Mar 06)