Tip

Universal Plug and Play -- The bane of XP

Universal Plug and Play is a native feature of Windows XP and can be easily installed on Windows 98, SE and Me. Basically, UPnP expands upon the traditional Plug and Play capabilities of Windows. Instead of limiting a computer to automatically detecting and installing local devices (i.e., those physically connected to the computer), UPnP allows for automatic detection and installation of devices over a network. Thus, just by booting onto a network your client can discover and install network printers, link to Internet gateways or connect to a wide range of network attached devices or services.

That's all well and good until you add the Internet and malicious programmers into the mix. Then things get ugly. UPnP offers the potential for a remote user to connect to your client over the Internet and take complete control. Once UPnP is enabled, it listens on TCP port 5000 and on UDP port 1900 for attempted connections. With just a little ingenuity, a cracker can easily connect into a system through this gaping hole.

Fortunately, Internet Connection Firewall and most third-party firewall products can effectively protect against external attempts to connect to UPnP. However, leaving UPnP open and eagerly listening for connections is not a good idea. You can elect to edit the Registry or run the Microsoft patch (see

    Requires Free Membership to View

MS01-059) to clean up this mess. But I have an even better idea: UnPlug n' Pray.

UnPlug n' Pray is a simple utility from GRC.COM. This simple tool will disable the services used by UPnP. Plus, if you ever need UPnP functionality, UnPlug n' Pray can be used to re-enable the required services with a single click of the mouse. In my opinion, GRC.COM's solution to this problem is more efficient and easier to manage than Microsoft's. While you are at GRC.COM you might want to look around a bit; this is an excellent resource for Windows users, especially those concerned about security.


About the author
James Michael Stewart is a researcher and writer for Lanwrights, Inc.


This was first published in January 2002

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

Disclaimer: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.