Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?

• Previous message: Raoul Armfield: "Re: Restricting file server to access to domain computers only."
• In reply to: deadly.halo_at_gmail.com: "Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Next in thread: Meni Milstein: "RE: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Reply: Meni Milstein: "RE: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Fri, 10 Jun 2005 17:03:17 -0400
To: focus-ms@securityfocus.com

Ugh. There isn't much of an audit trail for it (as opposed to email
notifications, for example). There is no security on it whatsoever-
any nitwit could

net send * bad message here

resulting in everyone on the subnet getting a "bad message here" popup

You'd be reliant upon a working WINS infrastructure, but would still
have issues if the specific user was not logged in. If a user is
logged into > 1 machine, I believe only the last machine they logged
into will get it (as my WINS console only shows my username registered
once for the [03h] netbios name type.

So, you would be potentially activating another service, thus gaining
whatever potential security vulnerabilites lie within, only to obtain
a fairly unreliable notification method.

Matt

On 2 Jun 2005 19:20:04 -0000, deadly.halo@gmail.com
<deadly.halo@gmail.com> wrote:
> A fellow network administrator at the company I work for is interested in implementing a system that utilizes the Messenger Service (not to be confused with the MS Messenger chat tool) to initiate Net Send notifications to clients throughout the user community. Our network hosts consist of Windows 2000/XP machines (XP has the service disabled by default, 2000 may as well). I remember that there was a large vulnerability reported at the end of 2003 regarding the Messenger Service. I know that the issue was addressed in subsequent service packs, but this doesn't necessarily mean it's a good idea to use it.
>
> Bottom line; I'm concerned that enabling the Messenger Service throughout the network will open our environment to security vulnerabilities. What are you thoughts? Any know issues at this time? Your input would be greatly appreciated.
>
> Regards,
>
> Brian
>
> ---------------------------------------------------------------------------
> ---------------------------------------------------------------------------
>
>

---------------------------------------------------------------------------
---------------------------------------------------------------------------

• Previous message: Raoul Armfield: "Re: Restricting file server to access to domain computers only."
• In reply to: deadly.halo_at_gmail.com: "Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Next in thread: Meni Milstein: "RE: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Reply: Meni Milstein: "RE: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]