Blocking ports with firewall software ?

Hi
I have found someone using the UDP port 1900 on a open network at the public library. They get into my machine and change settings like the sound settings and so on.

Since they only seem to be using port 1900 is it possible to block this port specifically or should I just block all the UDP ports(the UDP protocol seems to be used by Steam and one game that I don't really play anymore)

What effects of blocking all the UDP ports on a windows 7 64 bit system would there be?
Does windows need this protocol to be open for system use? (I don't see anything "system" related coming up in a network sniffing program I am trying out)

I use AVG internet security and it seems to be letting this one person in on port 1900.

Thanks

Why do you think "someone" is using a specific port? I find very difficult to think that, just because a port is open, and even then, that doesn't gives access to change things like sound settings, making me think there is something else roaming around.

Anyway, an open port is irrelevant without a program using it, either listening for connections or using it to initiate them. Particularly about UDP 1900, it's used for SSDP UPnP (look here for reference), which is known to be a vulnerable protocol that should be always disabled (Windows enables this by default). You may want to check the system services and disable "SSDP discovery" to prevent any exploits on it from other programs in your computer.

About disabling all UDP, don't do that, ever.
Several critical protocols run over UDP, of particular importance being DHCP (port 68) and DNS (port 53). DHCP lets you get an IP address automatically, which is crucual on public networks and sometimes in your own too if you don't know a bit of network management. Without DNS, you can't resolve website addresses, breaking 99% of internet. Some other programs may also use UDP for their own purposes (notably games, but many others too).

The proper way to use a firewall would be to block everything by default, but selectively unblock ports/programs that you know you need. At least some UDP and TCP ports must be open for normal operation.

Hi
I don't just "think" this I have seen it while using "Network Traffic view". It lists port 1900 for only up to 1 minute. Then there's the problem which got me to use the public library internet instead of a home base comcast one. I have some small minded children for roomies that had hooked a spiffy little computer up inbetween my outside cable hook and the internet hookup on the end of the house. I watched a roomy actually change the settings on my sound cards levels taking them to all over the board instead of where I had placed them.

If there is a program on the system that has been installed by the roomies when I last setup the machine it has not been able to be found by malwarebytes or any antivirus program to date. (is there a way to find such programs without paying some computer shop to find them)?

Ok SSDP is now disabled, It was started but it's previous state was manual.

So with the firewall software I should have "Interactive" selected instead of automatic?

Thanks for your help.

But I still think the human who is giving me trouble can see my system because of a port being open or not completely "stealthed" from the internet. Now port 1900 says it is stealthed but why it is opening and "connecting" is beyond me. Thats why I would like to add it to AVG to block it from being used but if it is going to make things more dificult for me in the long run...

Alejandro85 said:

Why do you think "someone" is using a specific port? I find very difficult to think that, just because a port is open, and even then, that doesn't gives access to change things like sound settings, making me think there is something else roaming around.

Anyway, an open port is irrelevant without a program using it, either listening for connections or using it to initiate them. Particularly about UDP 1900, it's used for SSDP UPnP (look here for reference), which is known to be a vulnerable protocol that should be always disabled (Windows enables this by default). You may want to check the system services and disable "SSDP discovery" to prevent any exploits on it from other programs in your computer.

About disabling all UDP, don't do that, ever.
Several critical protocols run over UDP, of particular importance being DHCP (port 68) and DNS (port 53). DHCP lets you get an IP address automatically, which is crucual on public networks and sometimes in your own too if you don't know a bit of network management. Without DNS, you can't resolve website addresses, breaking 99% of internet. Some other programs may also use UDP for their own purposes (notably games, but many others too).

The proper way to use a firewall would be to block everything by default, but selectively unblock ports/programs that you know you need. At least some UDP and TCP ports must be open for normal operation.

I have found another program that solved this, and showed me that there are two things happening.

1. There was a person digging up info about me through some software(could not be seen) and having that sent to his email(phishing). blocking port 1900 does not seem to have any effects on other programs except winamp(now disabled).

2. Winamp was also attempting to use port 1900 and 1901 to connect and get info on new version of itself. I have now disabled this feature in winamp.