[Dshield] MS05-039 exploits prove that pacthing "window" is getting shorter and shorter and...
John B. Holmblad
jholmblad at aol.com
Thu Aug 18 16:10:22 GMT 2005
perhaps I am missing something but from reading of Technet/MSDN
articles, PnP was designed to support hardware installation on the same
computer whereas uPnP has been designed to support installation (e.g.
printers) that are connected to the computer in question via a TCP/IP
stack connection. It is possible that when PnP was designed by
Microsoft, their designers foresaw its ultimate extension to support
the installation of remote devices (i.e. uPnP), and therefore they
implemented communications with the key PnP process "kernel" using the
TCP/IP stack instead of local procedure calls, even though it was not
really needed at the time.
If this supposition is correct, I guess it reveals one of the
fundamental downsides to so-called "closed source" software development,
that is, the lack of sufficient peer review of the underlying software
GSEC Gold,GCWN Gold,GGSC-0100,NSA-IAM
(H) 703 620 0672
(M) 703 407 2278
(F) 703 620 5388
primary email address: jholmblad at aol.com
backup email address: jholmblad at verizon.net
More information about the list