V2008 Internet Security And Upnp Discovery Process (ssdp) Options

[k1200rs]

Since I moved from v10 to 2008 internet security, my UPNP player devices (Freecom MusicPal, Philips SLA5520, Netgear MP101, etc.) on my LAN can no longer find the UPNP media server application running on my VISTA. Hence I can no longer retrieve / play music from my PC.

When I disable the bitdefender firewall, everything works fine, my players can find the UPNP media server. So, this points without any ambiguity to the BitDefender firewall.

I tried different things such as putting the LAN and the devices in the trusted zone, disabling the stealth mode, etc.
Noving worked. I wrote to the support who advised me to do the sames things I had already tried.
They also asked me to disable the scan of shared network drives (I fail to understand the relation between the scan of shared network drives and this UPNP issue...).

I told the support, several times, that in my view the firewall blocks the UPNP discovery based on the SSDP protocol (some network devices are also filtering the SSDP protocol) and that's where they need to look at.

Does anyone have same issue with UPNP / UPNP Players and BitDefender 2008? Given the increased popularity of UPNP media players, I guess I should not be the only one impacted?

[k1200rs]

The wonderful support of Bitdefender.
Since I raised my issue to the Bitdefender helpdesk, a week ago, I am getting every day a 'non-sense' advice or request.
I explained to the support what I think is the issue, but still I am getting advices such as 'disable the scan of your network shared drives' or 'please let us know of the applications that lost connectivity'. Which means that the guy at the other side never read my memos or does not understand the issue. I asked the support to escalate to the developers, but even that seems too difficult.
I have some experience with UPNP and SSDP, but my advices just got ignored.
I am getting fed-up with a product that prevents me from connecting my media players to my PC.
I will answer, one more time, the request from the Indian helpdesk but this will be my very last answer before I say good-bye to this product. (IMG:http://forum.bitdefender.com/style_emoticons/default/angry.gif)

[Cris]

Hello k1200rs,

Sorry for the late response.

UPnP and SSDP use the ports 1900 and 5000 to find devices and to communicate with them. However, these ports are vulnerable to a series of trojans, because they have some unfixed problems. Therefore, BitDefender, by default, blocks these ports. More info about these ports, how these protocols work and the risks they represent can be found here: GRC Port Authority.

You can manually open these ports if you want to, like this:
- open BitDefender Security Center and click Settings
- go to Firewall -> Traffic and click Edit profile
- in the two lists that you'll see (Inbound and Outbound), search for the rules that block the ports 1900 and 5000, double click them, and change the setting to Allow.

This should fix the connectivity problem. However, I cannot test it, because I don't have any devices that work with this protocol, so please let me know if this fixes the problem.

Cris.

[k1200rs]

Cris,

I found only one rule (inbound) that was blocking the port 5000, I 'allowed' the access to the port but that did not change anything. My UPNP media player cannot access the media server application (it does not find the server which means it did not discover it).
I have very few ports blocked and they are other ports such as 135, 2869, etc.

This post has been edited by k1200rs: Mar 10 2008, 09:06 AM

[k1200rs]

Cris,

I found only one rule (inbound) that was blocking the port 5000, I 'allowed' the access to the port but that did not change anything. My UPNP media player cannot access the media server application (it does not find the server which means it did not discover it).
I have very few ports blocked and they are other ports such as 135, 2869, etc.

And when I probe the port using the utility available in GRC Port Authority. it returns the following (for both the port 5000 and 1900).



Port Status Protocol and Application

1900 Stealth ssdp UPnP Simple Service Discovery Protocol


(note: I disabled the 'stealth' mode as well).
I also enabled 5000 for all protocols.
1900 does not seem to be disabled anywhere.

This post has been edited by k1200rs: Mar 10 2008, 09:28 AM

[k1200rs]

Not making any progress...
Please note that in the game mode, the players can find the server.

[gheorghe1800]

i've got a solution for this...
The problem appeared when Strong dc++ tried to configure the ports via UPnp. It stated: "Failed to create port mappings...."
Initially, i thought it was from my router because when i had restarted my computer, the first time it would have succeeded and after that, not. But in reality, the trick was that bitdefender hadn't had time to startup. After bitdefender started up, the error was once again there.

So, what should i do?
Well, the first thing you wanna do in this kind of situation is look for the source of the problem and the natural place to find it is in the firewall rules. And where is that in bitdefender? Well, they are quite well hidden: Settings -> Firewall -> Traffic tab -> Edit Profile. So, here i searched for any rule that blocked one of the ports used by UPnP: 1900 and 5000. I found one with the port 5000 set on Deny in the Inbound rules, then i did right click and Edit rule, then Allow. But that didn't solve entirely my problem.

The next step was to look in the Log file of the firewall (Settings -> Firewall -> Traffic tab -> Activity and press the Show log button). And here i found what I was afraid of:

[BDFNDISF][FILTER] Denied UDP packet. (dir = INBOUND, src addr = 192.168.1.1, src port = 1025, dst addr = 239.255.255.250, dst port = 1900)

So I said, why not adding an Inbound rule to make this port available? That is what I did, and it seems to work. Although, i still get the error from time to time. I'll have to mess around with some new rules and see what happens, to make it stable, although it's very weird that sometimes it works, sometime's not.

Hope this helps...

[gheorghe1800]

ah... i think i solved it at last.

I tried everything, until i observed that if I uncheck the "Enable Internet Conection Sharing (ICS) support" option, everything works fine (dunno why). When I checked it again, the problem reappears.

So, good luck to you too... (IMG:style_emoticons/default/wink.gif)
(and if it works you can try to delete the previous added rule, it seems that this was the real problem)

[MOGIVITE]

ah... i think i solved it at last.

I tried everything, until i observed that if I uncheck the "Enable Internet Conection Sharing (ICS) support" option, everything works fine (dunno why). When I checked it again, the problem reappears.

So, good luck to you too... (IMG:style_emoticons/default/wink.gif)
(and if it works you can try to delete the previous added rule, it seems that this was the real problem)

i can vouch for this, with a bit of an addition

i too tried everything like the original poster, then retried it all on bit defenders support teams advice, no go.

i kept noticing that under windows firewall everything worked.

it was driving me nuts, i had finally decided to use windows firewall when i checked one last thing.

this thread was it.

turning off ics support did the trick.

there were a couple other things i had to do.

i also reset my profile, i then added my router and my ps3 (media server) as trusted zones.

you may only have to do the router but i did both just to be safe.

once ics is turned off when you go to add zones and browse network you will get the option to add your router (called my router) then you will also see your media servers ip address and you can add that too, this is only going to work though if you also use your router to give your media server a static ip.

i can only guess that with ics support turned on bitdefender assumes that the computer you are on IS the router for the private network and therefor assumes that anything comming in must be from the internet not from a private network no matter what and therefor the ics support overides any other settings you have to protect your computer.

but that is only a guess.

i wonder if this was also what was causing the problems with my network printer hmmm....

for the record i was having this problem using total secureity.

i hope bitdefender takes note of this and adds this to their list of automatic trouble shooting options.

This post has been edited by MOGIVITE: Jul 28 2008, 10:02 PM