Re: Computer has been hacked
From: YoKenny (YKnot_at_home.invalid)
Date: 09/13/03
- Next message: Cindy: "128 bit security"
- Previous message: Bill Sanderson: "Re: Patch Update Verification"
- In reply to: Bill Sanderson: "Re: Computer has been hacked"
- Next in thread: Bill Sanderson: "Re: Computer has been hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Fri, 12 Sep 2003 21:37:46 -0400
Bill Sanderson wrote:
> I know why.
>
> George--if he's receiving messenger popups nothing is blocking port
> 139.
>
> If port 139 is open, so, in all likelyhood are other ports, hence the
> suggestion that a firewall is needed.
>
> Now Tom tells us that he has a firewall--so, something is definitely
> awry--any firewall worth its salt should block port 139.
>
> Turning off the messenger service is shooting the messenger. It
> doesn't fix the basic issue.
New Messenger Service spam uses port 1026.
"2003-09-11: Instantly test if your PC is vulnerable using our WinPopUP
New Tester Now tests udp/135 AND udp/1026-1029
http://www.mynetwatchman.com/kb/security/articles/popupspam/index.htm
I don't use ZoneAlarm but I do see attempts to pop up its test message in
the Kerio logs. ZoneAlarm should have logs indicating the test and if it
does not then it is not set up correctly.
> But then, you know all that and I'm guilty of feeding the trolls.
But is is good to keep the trolls under control when they are posting
misleading/incorrect information.
> "George Hester" <hesterloli@hotmail.com> wrote in message
> news:eAuOmuYeDHA.3708@tk2msftngp13.phx.gbl...
> I don't know why Bill is not telling you how to stop it with what you
> have. It is very easy to do. Start | Settings | Control Panel |
> Administrative Tools | Services | Messaging Service | Double-click |
> Startup | Set to Manual. Reboot.
>
>> First, thank you for answering...second, I have Zone
>> Alarm Pro for my firewall. I am still receiving the
>> Messenger Service message - do you know how I can't get
>> rid of it? Thanks for you help.
>>
>>> -----Original Message-----
>>> I don't think you've been hacked, I think you are being
>> played a trick upon.
>>>
>>> The messenger service has been used by spammers for some
>> time, and now
>>> someone is doing something equally unamusing with it.
>>>
>>> The cure for messenger service popups is a firewall.
>>>
>>> I can't overstress the importance of this--you need a
>> firewall, and now.
>>>
>>> Here's a Microsoft page which will tell you how to
>> activate XP's built-in
>>> firewall, or give you links to 3-rd party free or
>> commercial firewall
>>> products:
>>>
>>> http://www.microsoft.com/security/protect/default.asp
>>>
>>> "Tom" <tneal6@cox.net> wrote in message
>>> news:068201c378d0$e33cf720$a401280a@phx.gbl...
>>>> Today when I got on my home PC, I got a message from
>>>> Messenger service telling me my computer has been
>>>> hacked. It reads message from S0028841298 to
>> S0028841298
>>>> on 9//11/2003 (time).
>>>>
>>>> It appears to come up in a cmd window and constantly
>>>> repeat itself as in a loop.
>>>>
>>>> Can anyone tell me how to get rid of this?
>>>>
>>>> Thanks
>>>> http://support.microsoft.com/newsgroups
- Next message: Cindy: "128 bit security"
- Previous message: Bill Sanderson: "Re: Patch Update Verification"
- In reply to: Bill Sanderson: "Re: Computer has been hacked"
- Next in thread: Bill Sanderson: "Re: Computer has been hacked"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
