I am very sorry, this project contains serious vulnerability (CVE-2011-4504 [NIST]).

Please stop using this program. Dec.3 2011 Genmei Mori


Pseudo ICS daemon

What is pseudoicsd ?

Pseudoicsd is an UPnP device service program implemented as IGD (Internet Gateway Device).

With this daemon, you can play video and voice chat with WindowsMessenger on WinXP via LinuxRouter.

This supports only 'Add and Delete Port Mapping' function among the work as IGD now. But this is enough to play above.

Pseudoicsd works with Linux 2.2.x.
(now only tested with kernel 2.2.16 -- sorry!)

In order to develop this program, I referred to ICS on WinXP, so I named this 'Pseudo ICS daemon'.

Thanks to the UPnP-SDK library which developped by Intel corp.

Caution! -- Before enableing a UPnP function.

The UPnP (Universal Plug and Play) function installed in this LinuxRouter is for enabling use of "UPnP correspondence P2P applications", such as "Windows Messenger."

Conventionally, in order to transmit the packet which reached the global interface to PC inside LAN, "IP filtering", "IP port transmission", etc. needed to be set up.

However, by using a UPnP function, it automates, and even if this work does not set up especially, it can participate in a video meeting etc.

Moreover, since it is determined automatically that a port required for application will not compete, two or more PCs can also receive connection simultaneously (individually).

In this way, although UPnP is a very convenient function, on the other hand, it is accompanied also by big danger.

In order to enable it to access PC inside LAN from the Internet until now, the administrator of a router (it is you) changed a setup of a router each time with it being above.

However, since application comes to do the work freely, it is hard coming to grasp in which filter the hole was able to open when under a UPnP function.

For this reason, what must be most careful of is prevention to the virus of a new species.

Although viruses which send mail freely are discovered so much, the appearance of the "Trojan horse" virus under pretense of UPnP application is expected from now on.

This virus makes a hole in the packet-filter of LinuxRouter in order to prepare the back door for a cracker, and it will create an access route to your PC. (Offcource you are unthinking...)

I think that the port (which the remote control software which can operate other PCs by remote control from the Internet uses) is made into a target first of all.

Please a setup of a password or access authority be not inadequate, or check once again.

Malicious application will require port transmission from the Router. But there is no way which knows the good and evil in the Router.

A hole is made in a filter as it merely says, and port transmission is started.

In order to ensure judgment of these good and evil, personal firewall software (such like a Norton Internet Seculity etc.) is effective.

This kind of software checks to you, saying, "May I transmit a demand truly?", whenever strange application tends to give a demand to the Router.

Please utilize this UPnP function for the above notes on an understanding enough.



To Developper


My project page@SourceForge.net

last updated 02/09/05 -- I added news about BSD port.