RE: Messenger service abuse (from inside the network)

From: Zachary Mutrux (zmutrux_at_compumentor.org)
Date: 12/05/03

  • Next message: Tres London: "RE: WiFi security implications" 
    To: "Security-Basics" <security-basics@securityfocus.com>
Date: Fri, 5 Dec 2003 09:12:48 -0800

    Like Shawn said, use NTFS permissions to deny access to the net.exe program,
    to anyone but system and whatever groups should have authorized access. No
    need to visit each computer individually, these settings can be assigned via
    group policy.

    However, this won't stop someone from bringing his own copy of net.exe in on
    a floppy or downloaded from the Internet.

    Does anyone know of a good replacement for the Messenger service? I would be
    particularly interested in a cross-platform (Mac/PC) solution. Or something
    that will let the Mac receive notes sent via the Messenger service. Maybe
    that should be a separate thread.

    If the students' computers aren't already on their own separate network,
    that might be a place to start. Then their Messenger hijinks won't affect
    computers used by teachers and administration.

    I like the idea of being able to block messenger traffic with a packet
    filter, but where would this be implemented? Not on the firewall, not on the
    server. It would have to be implemented on all the workstations. Is there a
    way to do that in W2K Pro? A managed personal firewall might work, but the
    administrative overhead is too high to justify, just to stop this problem.

    zm

    > -----Original Message-----
    > From: Shawn Jackson [mailto:sjackson@horizonusa.com]
    > Sent: Wednesday, December 03, 2003 4:48 PM
    > To: Alexander Lukyanenko; security-basics@securityfocus.com
    > Subject: RE: Messenger service abuse (from inside the network)
    >
    >
    > Just ACL the net command to SYSTEM, DOMAIN ADMINS, etc. Make
    > sure you got everything locked down on the system (gpedit.msc). Also
    > make sure they aren't installing any software for messenger spamming.

    ---------------------------------------------------------------------------
    ----------------------------------------------------------------------------

  • Next message: Tres London: "RE: WiFi security implications"

    Relevant Pages

    • Re: Cant net send messages to some computers
      ... there could be a local Policy setting against the Messenger ... If Home edition, there could be a registry entry for that. ... The strange thing is that computers that doesn't receive messages: ...
      (microsoft.public.windowsxp.help_and_support)
    • Re: net send
      ... none of the computers I try to send message to recieve the message they all ... > Microsoft MVP - Windows Messenger/MSN Messenger ... > All posts unless otherwise specified are 2005 Jonathan Kay. ... >>I am trying to use net send inside of our lab. ...
      (microsoft.public.windowsxp.messenger)
    • Re: I dont want to update messenger
      ... AL'S COMPUTERS ... The free messenger client that comes buit into XP (which is what I ... have all the bells and whistles (AKA security holes) everyone seems to ...
      (microsoft.public.windowsxp.messenger)
    • Re: No Video with XP Messenger
      ... I have the exact same problem on three different computers running Messenger ... Logitech QuickCam Express and I don't get video in Windows ...
      (microsoft.public.windowsxp.messenger)
    • Messenger Service Pop up adds
      ... None of the other computers have MSN Messenger installed ... I have three other computers with XP, ... plus windows security seem to be unable to stop ... >seems to have a fix, other that one of the "Messenger ...
      (microsoft.public.windowsxp.security_admin)