Security Incidents mailing list archives
Re: Microsoft Windows ME and TCP/5000
From: Timothy Lyons <Timothy.Lyons () PREDICTIVE COM>
Date: Mon, 5 Mar 2001 19:07:54 -0500
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Sorry for the delay in responding to this thread but I have been on the road. I ran into this on a WinME box a few months back and would almost bet that if you looked, you'd find UPnP is installed on the WinME box. Uninstall it unless you require it and those ports should disappear. This is from the Microsoft Site: http://www.microsoft.com/windowsME/guide/homenetworking/upnp.asp Incorporate Universal Plug and Play (UPnP) devices Windows Me is the first operating system to implement and support Universal Plug and Play (UPnP) networking standards. Universal Plug and Play is a technology initiative supported by Microsoft and more than 80 industry-leading companies in fields such as consumer electronics, home appliances, home security, and computer networking. UPnP defines a set of common technology standards these companies will use in developing new products that can be added quickly and easily to a home network. Universal Plug and Play support in Windows Me lets you: Connect and disconnect a wide array of peripherals such as joysticks, scanners, and camcorders without configuring or rebooting your computer. Take advantage of benefits such as automatic discovery and identification of resources on your network, and simplified interconnection of computers, appliances, and various network types. Easily add new, intelligent appliances, gadgets, and computers to your home network as they come onto the market, without replacing the technology you already use in your home. Be ready for the next generation of smart, networked devices. Theres More At: http://support.microsoft.com/support/kb/articles/Q262/4/58.ASP http://support.microsoft.com/support/kb/articles/Q276/5/07.ASP - --- Tim Lyons Managing Consultant Predictive Systems, Inc. Information Security Practice Mobile: +1 (508) 261-2964 mailto:Timothy.Lyons () predictive com "Vachon, Scott" <Scott.Vachon () PAYMENTECH COM> Sent by: Incidents Mailing List <INCIDENTS () SECURITYFOCUS COM> 03/05/2001 12:53 Please respond to "Vachon, Scott" To: INCIDENTS () SECURITYFOCUS COM cc: Subject: Re: Microsoft Windows ME and TCP/5000
I found "Backweb Server" running on my "New" HP Pavillion and determined it was "factory" installed for some kind of automatic updates. HP tech support didn't know anything about it. You could install some tcp port monitor like TDImon to determine what app is running on the port.
HP knows about it. Tech supp itself does not know about it because it is not in their "scripts." It was one of the first factory installed items I removed from my system. I found I had to remove the backweb software plus about four other "pests" sending data to HP ip addresses. - -S- Disclaimer: My own two cents. -----BEGIN PGP SIGNATURE----- Version: PGP 7.0.1 iQA/AwUBOqQqWbtSoKBmm/2uEQKHJQCgyxFJfkxo5reB3YwlCDTNS2eooMkAoM4U GvpU1F1UIweYWxdGbddmZTPm =c3Gr -----END PGP SIGNATURE-----
Attachment:
pgp.rtf.asc
Description:
Current thread:
- Re: Microsoft Windows ME and TCP/5000, (continued)
- Re: Microsoft Windows ME and TCP/5000 Todd A. Garrison (Mar 01)
- Re: Microsoft Windows ME and TCP/5000 V. L-M (Mar 02)
- Re: Microsoft Windows ME and TCP/5000 Jeff Pults (Mar 05)
- Apache logs John A. Kotulak (Mar 05)
- Re: Apache logs Pedro Ortale Neto (Mar 05)
- Re: Microsoft Windows ME and TCP/5000 V. L-M (Mar 02)
- Re: Microsoft Windows ME and TCP/5000 Todd A. Garrison (Mar 01)
- Re: Microsoft Windows ME and TCP/5000 Joe Matusiewicz (Mar 02)
- Re: Microsoft Windows ME and TCP/5000 Eric Fagan (Mar 05)
- Re: Microsoft Windows ME and TCP/5000 Magus Ba'al (Mar 09)