Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?

• Previous message: at: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• In reply to: at: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Next in thread: Sap .: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Reply: Sap .: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 23 Jun 2005 09:58:11 -0700
To: michael.mailinglist@securityfocus.com, at <gmail.com@securityfocus.com>

michael.mailinglist@securityfocus.com wrote:
> At a previous company I worked for we had issues with employees using
> it to taunt each other. Since the only audit trail is in the local
> machine's event logs, it is very difficult to keep track of who is
> abusing the service. We ended up disabling the service company wide.
>

However, the local machine event log entry *does* the NetBIOS name of
the sending machine, making it easy to track that, at least. Given only
minor sleuthing (and a lack of poorly configured multi-user machines),
tracking who did what when, in this case, is pretty simple.

Kurt

---------------------------------------------------------------------------
---------------------------------------------------------------------------

• Previous message: at: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• In reply to: at: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Next in thread: Sap .: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Reply: Sap .: "Re: Using Messenger Service for 'Net Send' Functionality --- Dangerous? Why?"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]