Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

Zone alarm has security hole or is it me?

Dec 5, 2003 1:58AM PST

I just tested my zone alarm 4.5. And the test said that port 5000/tcp was open and the service is UPnP. Is this a problem? If it is a problem, then is it me or zone alarm's fault?

Discussion is locked

- Collapse -
Re:Zone alarm has security hole or is it me?
Dec 5, 2003 2:01AM PST
- Collapse -
(NT) Yep, download it - that will do it !
Dec 5, 2003 2:06AM PST

.

- Collapse -
Can I just go into services and disable it there?
Dec 5, 2003 2:49AM PST

It's called Universal Plug and Play Device Host, if I disable that will I be safe?

- Collapse -
Re:Can I just go into services and disable it there?
Dec 5, 2003 3:01AM PST

yes, you can disable Universal Plug and Play Device Host safely. That's why I did.

- Collapse -
Donna, Not Exactly...
Dec 5, 2003 3:10AM PST

Although it is "safe" to disable "Universal Plug'n'Play", it doesn't plug the hole. Here's a quote from GRC:

http://www.grc.com/unpnp/unpnp.htm

PLEASE NOTE: There is a great deal of confusion being caused by Microsoft's non-obvious naming of the two UPnP services. This situation is exacerbated by the FBI's NIPC web site, which has unfortunately posted wrong information over the holidays. People are led to believe that disabling the service named "Universal Plug and Play Device Host" disables the UPnP system. But it does not. That service is not even running by default. The correct action is to STOP then DISABLE the service named "SSDP Discovery Service".

You can demonstrate this for yourself by issuing the command "netstat -an" at a command prompt. While the SSDP Discovery service is running, Netstat will show that TCP port 5000 is in the listening state and UDP port 1900 is accepting inbound datagrams. After the SSDP Discovery Service has been stopped those Netstat lines will disappear.


Hope this helps.

Grif

- Collapse -
Re:Donna, Not Exactly...
Dec 5, 2003 3:14AM PST