Windows Firewall accepts an unfiltered three-second unicast response in Windows XP Service Pack 2 (884913)



The information in this article applies to:

  • Microsoft Windows XP Professional SP2
  • Microsoft Windows XP Home Edition SP2

INTRODUCTION

After a computer that is running Microsoft Windows XP Service Pack 2 (SP2) sends a multicast or broadcast message, the Windows Firewall feature accepts unicast responses from any source address for three seconds. These responses are not subject to any filtering. A response must be received on the same port that Windows XP SP2 used to send the original multicast or broadcast message.

This feature enables programs and services that use multicast and broadcast messages to work correctly.

Note This change does not apply to the IPv6 firewall.
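
The following is a simplified model of the behavior described above, added here as an illustration; it is not Microsoft's implementation. The class and function names, the sample addresses and the port numbers are constructed, and treating the three-second boundary as inclusive is an assumption.

```python
import ipaddress

RESPONSE_WINDOW = 3.0  # seconds, as stated in the article


class ResponseWindowModel:
    """Simplified IPv4 model of the multicast/broadcast response exception."""

    def __init__(self, enabled=True, subnet_broadcast=None):
        self.enabled = enabled                    # "enable" / "disable" mode
        self.subnet_broadcast = subnet_broadcast  # e.g. "192.168.1.255"
        self._open = {}  # local port -> time at which the window closes

    def _is_group_destination(self, dst):
        addr = ipaddress.IPv4Address(dst)
        return (addr.is_multicast
                or dst == "255.255.255.255"
                or dst == self.subnet_broadcast)

    def outbound(self, now, local_port, dst):
        """Record an outgoing message; multicast/broadcast opens the window."""
        if self.enabled and self._is_group_destination(dst):
            self._open[local_port] = now + RESPONSE_WINDOW

    def inbound_unicast(self, now, src, local_port):
        """Return True if an incoming unicast message is accepted.

        src is deliberately not checked: the article states that the
        response is accepted from any source address without filtering.
        """
        closes = self._open.get(local_port)
        return closes is not None and now <= closes  # inclusive: assumption


def demo():
    fw = ResponseWindowModel(subnet_broadcast="192.168.1.255")
    fw.outbound(0.0, 50000, "239.255.255.250")  # constructed multicast send
    return [
        fw.inbound_unicast(1.0, "192.168.1.20", 50000),  # inside the window
        fw.inbound_unicast(2.0, "203.0.113.7", 50000),   # any source accepted
        fw.inbound_unicast(2.0, "192.168.1.20", 50001),  # different port
        fw.inbound_unicast(4.0, "192.168.1.20", 50000),  # window has expired
    ]


if __name__ == "__main__":
    print(demo())
```

The second case is the one to weigh when deciding whether to leave the mode enabled: for three seconds the only thing that limits who can reach the sending port is the port number itself.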

MORE INFORMATION

If a program or service is not working correctly, and you want to verify the status of this Windows Firewall feature, follow these steps:
  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type the following, and then press ENTER:

    Netsh firewall show multicastbroadcastresponse

    You receive a message that is similar to the following:
    Multicast/broadcast response mode = Enable

To enable this Windows Firewall feature, follow these steps:
  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type the following, and then press ENTER:

    Netsh firewall set multicastbroadcastresponse enable


To disable this Windows Firewall feature, follow these steps:
  1. Click Start, click Run, type cmd, and then click OK.
  2. At the command prompt, type the following, and then press ENTER:

    Netsh firewall set multicastbroadcastresponse disable

Functionality in Windows XP, Windows XP SP1, and Microsoft Windows Server 2003

The Internet Connection Firewall (ICF) feature in the original release version of Windows XP examines only incoming unicast traffic. In Windows XP SP1 and in Windows Server 2003, ICF examines and blocks unsolicited incoming unicast, multicast, and broadcast traffic.

Unicast, broadcast, and multicast traffic

Unicast traffic is transmitted between a single sender and a single receiver on the network. Broadcast traffic is transmitted to all devices on the network. Multicast traffic is transmitted to all devices on the network that request this traffic. For example, multicast traffic is transmitted to an active program or service that is "listening" for multicast traffic.

Modification Type: Major
Last Reviewed: 9/14/2004
Keywords: kbConsumer kbnetwork kbFirewall kbinfo kbtshoot KB884913 kbAudEndUser kbAudITPRO