Finally I figured it out! I wondered what all those blocked incoming, UDP, port 1900, remote address 192.168.0.1, to “N/A” process names were. All I had to do was disable “UPNP settings” on my router. I don’t have any UPNP devices on my XP machine, and the service is disabled as well. It was driving me nuts. So I'm curious, has anyone else encountered this? Under what circumstances would this option be enabled? My router is a D-Link DI-624.

Oh yeah. UPnP has had lots of discussion. You would want it if you had other UPnP devices. Here's a start for your reading pleasure: http://www.grc.com/unpnp/unpnp.htm (bear in mind that it's old but still interesting and in XP it's the SSDP Discovery Service)

Thank you Manny!

The GRC article is bunk. The FBI pulled their warning when it was pointed out that the exploit was with the discovery service, not uPnP and MS patched the hole years ago.

Still it's not like Steve Gibson to let facts get in the way of an opportunity to market himself.

I recently bought a wireless router to use with my PDA and did a bit of research on this after remembering the initial panic about UPnP. Reading around suggested that this was indeed FUD and that the GRC article is no longer pertinent. Furthermore I have found that you can get some UPnP programs to work without the XP service enabled e.g. Azureus, utorrent, emule-morph, Trillian as these seem to use their own UPnP code so you just need it enabled in the router. This is better IMO than forwarding loads of ports which you may only use occasionally.

Just my tuppence worth,

Sandman

The thing is if you aren't using any uPnP devices there's no need to have it turned on. Further, uPnP does have an authentication protocol that's a bit lightweight - http://en.wikipedia.org/wiki/UPnP and don't get me started on the malware infested, spamming, illegal sharing of copyrighted materials that P2P networks attract.

(But I do agree that Mr Gibson understands the concepts of marketing very well.)

The thing is if you aren't using any uPnP devices there's no need to have it turned on. Further, uPnP does have an authentication protocol that's a bit lightweight - http://en.wikipedia.org/wiki/UPnP and don't get me started on the malware infested, spamming, illegal sharing of copyrighted materials that P2P networks attract.

(But I do agree that Mr Gibson understands the concepts of marketing very well.)
Yes there is a lot of dodgy stuff on P2P networks but there is also a lot of safe, legal stuff that is shared and patches and user mods available that make use of P2P technology.

UPnP on a router, is a way to support forwarding for UPnP-capable applications (including P2P and VoIP), however, you can find a VBS code sample that enables router ports to be arbitrarily opened using UPnP - I suppose, equally, a malicious local application could attempt to adjust normal router port-forwarding, but that is usually password protected.