Disable Windows Messenger broadcasts on UDP port 1900


In XP, the Simple Service Discovery Protocol (SSDP) discovery service searches
for Universal Plug and Play devices on your home network. SSDP searches for
upstream Internet gateways using UDP port 1900 – a potential security risk many
organizations will want to block. OK, you decide to block SSDP services but to
your surprise, your firewall and network sniffers continue to see the UDP port
1900 packets. You have disabled XP’s SSDP and even Universal Plug and Play
Device Host. Whats going on? This is Universal Plug and Play Network Address
Translation (NAT) traversal discovery used by Messenger. If you run a sniffer
trace, the following information is displayed in the data section of the packet:


SSDP: Method = M-SEARCH
SSDP: Uniform Resource
Identifier = *
SSDP: HTTP Protocol Version = HTTP/1.1
SSDP: Host =
239.255.255.250:1900
SSDP: Search Target =
urn:schemas-upnp-org:device:InternetGatewayDevice:1
SSDP: Mandatory
Extension = “ssdp:discover”
SSDP: Maximum Wait = 3
XP’s Windows
Messenger is attempting to communicate to an Internet host. To block Windows
Messenger’s broadcasts:

Hive: HKEY_LOCAL_MACHINE

Key: Software\Microsoft\DirectPlayNATHelp\DPNHUPnP

Name: UPnPMode

Type: REG_DWORD

Value: 2 disabled
With
UPnPMode=2, Universal Plug and Play Network Address Translation (NAT) traversal
discovery does not occur.

1 thought on “Disable Windows Messenger broadcasts on UDP port 1900”

Leave a Comment

Your email address will not be published.

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

Scroll to Top