Linksys router phoning out to IANA?

S

SamuraiInBlack

Supreme [H]ardness
Joined
Oct 10, 2003
Messages
5,771
I'm not sure how accurately I can describe this, but I was watching an IP in PeerGuardian's log stream through every so often in a nice big clump. For some reason I'm watching my router's IP attempt to send packets out to a destination of 239.255.255.250, port 1900, through UDP. I currently have it blocked, or whatever PeerGuardian calls blocking it.

Googling doesn't do much for me on the IP. All I know is it has something to do with IANA Multicast, or that's what comes up for me anyway. It keeps doing this over 11 ports, at approximately 2 minute intervals.

What I don't understand is why I'm picking up the traffic if it's going back to the router directly. It's a Linksys WRT54GS router. Multicasting to my knowledge is disabled on the router, or rather "filtered" according to the settings.

Any idea what's going on?
 
Well, messenger was disabled, but rather than play around with the registry, I decided to try going into services.msc first an disabling the SSDP service it was talking about. I've left Universal Plug and Play devices set to manual.

So far the reference to it hasn't come back and I'm still able to browse the web like normal. Course a reboot changes everything, doesn't it? lol

Edit: I stand corrected. It is now on a different one. Guess I'll have to hack the registry anyway. Awesome!

Edit 2: I'm assuming this is one I insert myself?
 
I read this thread and checked my firewall and noticed the outgoing attempt on 1900 as well. I followed that link but the registry key's name "UPnPMode" isn't there: Software\Microsoft\DirectPlayNATHelp\DPNHUPnP.
 
I decided to add the DWORD registry entry in myself. I figured the worst it could do is either not work or keep me offline, which would simply just mean it was too efficient. lol

So far everything's clean. No random pingouts every two minutes.

On another note, I noticed ICMP signals (pinging maybe? Don't have anything to capture packets and find out) kept happening from various IPs belonging to various ISPs in China. That stopped when I banned entire ranges through PeerGuardian. They kept hitting it for awhile, despite my blocking, then all of a sudden it stopped. The only traffic i get now is when I actually browse a webpage or get an IM, like I should.
 
You must log in or register to reply here.
Back
Top