Bonjour

Discussion in 'Software' started by skifreak, Jan 25, 2007.

  1. skifreak

    skifreak Private E-2

    I checked my firewall activity and found that "a rule has been created to permit communications" for a file located at C:\ProgramFiles\Bonjour\mDNSResponder.exe
    The entry also noted an Inbound UDP packet.
    I don't use this program, but I do have Quicktime installed. This is a new HP loaded with Windows XP Media Center. I had it configured by HP to be designed for my daughters needs as a musician. We do not participate in any networking or P2P situations. My daughter does have a "My Space" page. Can anyone tell me if the entry on 1/5/07 concerning the inbound UDP packet is suspicious activity indicating an abuse of this program or not? Would it be a good idea to uninstall it?
     
  2. manmachine

    manmachine Private E-2

    Bonjour enables automatic discovery of computers, devices, and services on IP networks. Source code is now available under the terms of the Apache License, you don't have to worry about the program. But for security reasons you should not allow any UDP packet to be sent or accepted no matter the soft is asking for. Default settings on lot of firewalls do block all UDP or Netbios transfers. Only allow TCP protocol.
     
  3. skifreak

    skifreak Private E-2

    The very thing that IS bothering me is that I did not make a rule to allow the acceptance of the UDP package and no one else in this house would know how to do that. That suggests to me that some outside entity changed my settings. I am working major overtime and haven't had time to look at all the default settings for my security features, but it wouldn't seem like default settings would allow this sort of thing.
     
  4. manmachine

    manmachine Private E-2

    What kind of firewall do you run on your HP ? Relying on Windows Security Center bundled firewall is definitely what you should do if you want to experience the exciting world of virii and trojans. And I would bet it takes you a lot longer to clean out an infection than it did for me to type this paragraph.
    Windows doesn't offer any protection against outgoing packets...Better use freeware like Zone Alarm or consider buying a professional suite.
     
  5. skifreak

    skifreak Private E-2

    Norton 2007 came with the computer. Everything that came with the computer said you can only run one antivirus or firewall program at one time. McAfee come free with my Comcast DSL if I want to switch. I have used Zone Alarm free versions and actually Zone Alarm Pro in the past on my old computer.
     
  6. manmachine

    manmachine Private E-2

    A good protection is blocking by default all in/outbounds of UDP packets even for windows system files (like svchost.exe), without any consequence for the OS (according to the logs). You may try to block all UDP traffic and set one by one the rules for each external program asking for permissions, it takes time but saves from the lurking paranoia ;-)
     

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds