myNetKb Disabling PC Anywhere Subnet Scans

Article: 20000626-001
Title: Disabling PC Anywhere Subnet Scans
Created: 06/26/2000
Modified: 06/26/2000
Author: L. Baldwin

PC Anywhere pings are commonly NOT a real attack. By default, the PC Anywhere Remote will send a User Datagram Packet (UDP) query to all hosts on ALL connected subnets. This is a means to "auto-detect" all possible PC Anywhere "Hosts" that you could connect to. This behavior is acceptable when PC Anywhere is used withing a corporate network. However, when you are connected to the Internet, these UDP queries are interpreted by others as an attempt to connect to their systems. If you use PC Anywhere frequently, you most certainly will have a mob of angry neighbors reporting your to your ISP's abuse department.

To eliminate this behavior, set the registry key:

HKEY_LOCAL_MACHINE\SOFTWARE\Symantec\pcANYWHERE\CurrentVersion\SystemTCPIPNetBroadcast=0

For details on this registry key, see:

PC Anywhere TCPIP Registry Settings

Note: Thanks to D'Andre Ladson for finding this information.