Re: [SLUG] MS IM stuff

• Next message: Chuck Hast: "Re: [SLUG] MS IM stuff"
• Previous message: Chuck Hast: "[SLUG] MS IM stuff"
• In reply to: Chuck Hast: "[SLUG] MS IM stuff"
• Next in thread: Chuck Hast: "Re: [SLUG] MS IM stuff"
• Reply: Chuck Hast: "Re: [SLUG] MS IM stuff"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

On Fri, 10 Jun 2005, Chuck Hast wrote:

> Folks,
> I think this stuff is coming through the router/firewall, but not sure.
>
> I have tried to block it but it is still appearing on my local network
> I would like to get rid of it.
>
> UDP (310 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (366 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (294 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (286 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (330 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (306 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (360 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (358 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (362 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
> UDP (354 bytes) from 192.168.1.1:1900 to 239.255.255.250:1900 on eth0
>
> This is SSDP, from what I can see it should be coming from a windows
> machine, but the 192.168.1.1 address is the lan port on my router, so either
> it is coming from the cable network side or the router it's self.
>
> I tried to filter it out and it was still there so I am now wondering
> if the silly router is generating it.

If it's FROM 192.168.1.1 (192.168.*.* is non-routable), it must have come
from inside. (Besides, it says "from" not "to".)
http://www.google.com/search?hl=en&q=%22port+1900%22 has lots of hits on the
phrase "port 1900". If you have no machine with that address, it might be
the router. Check its address.

239.255.255.250 reminds me of an address mask too. Odd range, though.

Fire up netstat ("netstat -A inet -p") and see if you can find out which
program is sending it, if 192.168.1.1 is your computer.

-- 
-eben    ebQenW1@EtaRmpTabYayU.rIr.OcoPm    home.tampabay.rr.com/hactar
  Only two things are infinite, the universe and human stupidity, and
        I'm not sure about the former." - Albert Einstein 
-----------------------------------------------------------------------
This list is provided as an unmoderated internet service by Networked
Knowledge Systems (NKS).  Views and opinions expressed in messages
posted are those of the author and do not necessarily reflect the
official policy or position of NKS or any of its employees.

• Next message: Chuck Hast: "Re: [SLUG] MS IM stuff"
• Previous message: Chuck Hast: "[SLUG] MS IM stuff"
• In reply to: Chuck Hast: "[SLUG] MS IM stuff"
• Next in thread: Chuck Hast: "Re: [SLUG] MS IM stuff"
• Reply: Chuck Hast: "Re: [SLUG] MS IM stuff"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.3 : Fri Aug 01 2014 - 20:05:01 EDT