What is pseudoicsd ?
Pseudoicsd is an UPnP device service program implemented as IGD (Internet Gateway Device).
With this daemon, you can play video and voice chat with WindowsMessenger on WinXP via LinuxRouter.
This supports only 'Add and Delete Port Mapping' function among the work as IGD now. But this is enough to play above.
Pseudoicsd works with Linux 2.2.x.
(now only tested with kernel 2.2.16 -- sorry!)In order to develop this program, I referred to ICS on WinXP, so I named this 'Pseudo ICS daemon'.
Thanks to the UPnP-SDK library which developped by Intel corp.
Caution! -- Before enableing a UPnP function.
The UPnP (Universal Plug and Play) function installed in this LinuxRouter is for enabling use of "UPnP correspondence P2P applications", such as "Windows Messenger."
Conventionally, in order to transmit the packet which reached the global interface to PC inside LAN, "IP filtering", "IP port transmission", etc. needed to be set up.
However, by using a UPnP function, it automates, and even if this work does not set up especially, it can participate in a video meeting etc.
Moreover, since it is determined automatically that a port required for application will not compete, two or more PCs can also receive connection simultaneously (individually).
In this way, although UPnP is a very convenient function, on the other hand, it is accompanied also by big danger.
In order to enable it to access PC inside LAN from the Internet until now, the administrator of a router (it is you) changed a setup of a router each time with it being above.
However, since application comes to do the work freely, it is hard coming to grasp in which filter the hole was able to open when under a UPnP function.
For this reason, what must be most careful of is prevention to the virus of a new species.
Although viruses which send mail freely are discovered so much, the appearance of the "Trojan horse" virus under pretense of UPnP application is expected from now on.
This virus makes a hole in the packet-filter of LinuxRouter in order to prepare the back door for a cracker, and it will create an access route to your PC. (Offcource you are unthinking...)
I think that the port (which the remote control software which can operate other PCs by remote control from the Internet uses) is made into a target first of all.
Please a setup of a password or access authority be not inadequate, or check once again.
Malicious application will require port transmission from the Router. But there is no way which knows the good and evil in the Router.
A hole is made in a filter as it merely says, and port transmission is started.
In order to ensure judgment of these good and evil, personal firewall software (such like a Norton Internet Seculity etc.) is effective.
This kind of software checks to you, saying, "May I transmit a demand truly?", whenever strange application tends to give a demand to the Router.
Please utilize this UPnP function for the above notes on an understanding enough.
Screenshot
Download
- ver.0.3 [2002/4/6] README / pseudoicsd.tar.gz / patches.tar.gz
- ver 0.1 - 0.2
To Developper
- Tips for UPnP SDK
- To support Windows Messenger client -- [Patch]
- The reason which needs the patches for IP_Masq and IP_Portfw.
- UPnP_client_application (such as WindowsMessenger) requests very wide range of communication port(about 1000-65000).
- So it will be conflict with reserved masquerade ports (normary 61000-65096).
- In this port range, ip_masq routine in kernel do not check if the port is already assigned by upnp.
- And in this port range, ipportfw_utility ignore your command without error-messages.
Links
- UPnP SDK for Linux (by Intel corp.)
- ICS (Internet Connection Sharing) by Microsoft
- Etherreal (I analyzed ICS traffics by this great tool!!)
- Good news for kernel2.4 users! [2002/4/9]
Here is modified version that work with iptables by Eric Wirt (Thank you!)
- Good news for BSD users! [2002/9/5]
Here is modified version that work with FreeBSD by Yen-Ming Lee (Great! He made it with 2.4 version.)
My project page@SourceForge.net
- Here.
last updated 02/09/05 -- I added news about BSD port.