Re: Why hasn't Symantec addressed nastier Messenger spoofs

From:
Date: 10/24/02

Next message: Darryl Luff: "Re: Ethereal Capture Decoding"
Previous message: Max7: "Network question"
In reply to: Jim Kutz: "Why hasn't Symantec addressed nastier Messenger spoofs"
Next in thread: Walter Dnes: "Re: Why hasn't Symantec addressed nastier Messenger spoofs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Date: Thu, 24 Oct 2002 06:06:12 GMT

In comp.security.misc <d703a4b1.0210231936.3d127593@posting.google.com> Jim Kutz <jimkutz@earthlink.net> wrote:
> A few [but not many] Internet providers say they use this type of
> messaging to send messages such as "system going down in 5 minutes",
> so they're not encouraging users to disable it. [ The vast majority

Then they shouldn't be using it. This is useful on a LAN, where users
are probably using fileservers and even momentary interruptions can
cause havoc, but an ISP's e-mail servers aren't sub-second-response-time
critical. Basically, there's no reason for anything off the local LAN
to ever be using Windows Messenger to send messages.

ISP pop-up blockers also won't work. They're just HTTP/HTTPS proxies,
and Windows Messenger has nothing to do with HTTP/HTTPs or the Web
browser.

> My third question is, if Symantec does introduce a filter to warn or
> disable concerning these popups, will it also be able to 'let
> through' pop-ups from approved local apps or remote sites?

If you're directly connected to the cable modem, it can. If you're on
a LAN and using a NATting router, there's nothing that distinguishes
a Messenger packet from the outside world from a local one ( this is
UDP, remember, no connection and no response needed so forging the
source address doesn't cause any protocol problems ).

I haven't seen any of these (yet), but since I'm using Samba with the
pop-up scripts disabled I'm not overly worried.

-- 
Don't worry about where to land -- by the time you get to it, it
_will_ be flat.
                                -- concering Orion landing procedures

Next message: Darryl Luff: "Re: Ethereal Capture Decoding"
Previous message: Max7: "Network question"
In reply to: Jim Kutz: "Why hasn't Symantec addressed nastier Messenger spoofs"
Next in thread: Walter Dnes: "Re: Why hasn't Symantec addressed nastier Messenger spoofs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

RE: disabling WINDOWS messenger
... that should get rid of the Internet pop-ups ... > Hi, Suddenly, everytine I get on the internet, a pop-up ... > for Windows messenger appears asking for a user name. ... > available to me - I just want to stop the annoying pop-up ...
(microsoft.public.windowsxp.messenger)
Adcaster - argh
... a program that spammers can purchase that sends pop-up ... ads via Windows Messenger to known IP addresses. ...
(microsoft.public.security)
stopping unwanted pop-ups
... they just pop-up on my desktop filling my screen. ... Windows Messenger Service to invade your computer. ... for an article on disabling this service. ...
(microsoft.public.security)
win messenger quits after accepting whiteboard
... Does anyone have any experience setting up Windows Messenger to work ... I'm assuming that something to do with our LAN is ... immediately quits due to an unknown error. ...
(microsoft.public.windowsxp.messenger)
Re: SBS 2003 Premium and LCS
... I use Windows Messenger only inside the LAN and don't allow the external ... uncheck the ability to use anything ... other than the internal service and they won't go out. ...
(microsoft.public.backoffice.smallbiz)