Re: Unwanted Pop Up Ads

From: Shenan Stanley (news_helper_at_hushmail.com)
Date: 01/30/04


Date: Fri, 30 Jan 2004 12:29:43 -0600

WayuU wrote:
> Don't understand what you want to tell me either. Is their something
> in my statement that you think is incorrect?
> I said that disabling a service don't make a system MORE vulnerable.
> Is that wrong, does it make system MORE vulnerable by disabling
> services?
> I'm sure of my knowledge and I AM security certified (ofcourse don't
> mean I'm a guru). But I do know some hacking too and therefore the
> holes in especially MS systems. I also pointed out the port to be
> closed, UNLESS you have applications in need of that port.

Although disabling the messenger service does not make the system "more
vulnerable" - you haven't made it any less vulnerable. You have taken away
a warning sign of the vulnerability. You gave - as I stated - an INCOMPLETE
ANSWER.

In your original answer - you said NOTHING about disabling/firewalling off
the port in question:

WayuU wrote:
> I think you're talking about advertisemant companies
> utilizing the messenger service for popups
> Not same as MSN). Go to Services and disable
> the MEssenger service, unless you're on a network
> and REALLY need the net send, etc..

It was not until someone else mentioned your mistake (in not also pointing
out to close the port) that you came back with this:

WayuU wrote:
> Don't understand what you are talking about. Disabling
> services NEVER makes a system more vulnerable.
> Disabling port 135 (which is the port messenger service
> utilizes) is a better solution if you don't need it for some
> other app..

Where you mentioned disabling the port, but only after mentioning another
falsehood that disabling services (you did not specify what services - you
implied any/all services) never would make a system more vulnerable.. Never
say never - because if ICF is the only firewall I have and I disable the
service - I am more vulnerable.

Certified means you can pass a test - I have never been impressed with
memorization skills.

What I am telling you is quite simple. If you are going to give an answer,
give a full answer and/or at least point to a web page where the poster can
get all of the facts.

The full answer to this problem is this: If you are getting Messenger
Service pop-ups, you are vulnerable to many more problems. It is highly
suggested you look into either using the firewall built into Windows XP
and/or install configure a third party firewall and/or setup a hardware
one - thus preventing the messages from ever getting to your computer in the
first place and better securing your machine over all. You can then
consider other options, such as turning off any services you do not need.
If you feel you do not need the messenger service - you could turn it off to
see if anything goes awry - if not - leave it off. Other services can be
tried in this way. For a list of XP services and what they do along with
opinions of someone else, please visit :
http://www.blackviper.com/WinXP/servicecfg.htm.

What I am critiquing is your original answer and then part of your second
response - both of which are not the earmarks of someone certified in some
sort of "security" as you claim to be. Confident in your knowledge is
fine - are you as confident in your ability to share your knowledge in a
fashion that others can understand and that gives them the full benefit of
your knowledge?

-- 
<- Shenan ->
-- 


Relevant Pages

  • Re: An email from my ISP about Windows Messenger
    ... You can disable NT Messenger Service. ... > vulnerability in the Windows Messenger (NOT MSN ... Fortunately, the worm utilized port ...
    (microsoft.public.security)
  • Re: [Full-Disclosure] Windows Messenger Popup Spam on UDP Port 1026
    ... Windows Messenger Popup Spam on UDP Port ... > Messenger service listens for connections on port 1026 as well as ... > Disabling the messenger service will stop the pop-up spam, ...
    (Full-Disclosure)
  • Re: Messenger Service Pop Ups
    ... The KB article you cite recommends disabling the ... messenger service as a *workaround,* only until the necessary patch ... messenger service is, in and of itself, any kind of real solution. ... > vulnerability in the Messenger service that could expose your system ...
    (microsoft.public.windowsxp.security_admin)
  • Re: unending pop-up(s)
    ... Disabling the messenger ... Messenger Service running but not tell you to at least patch your ... system against this vulnerability: ...
    (microsoft.public.windowsxp.security_admin)
  • Re: What virus is this? How to remove?
    ... No, not the MSN messenger, but try disabling the 'Messenger' service. ... The Messenger service allows a WinPC ... You are obviously not using a firewall, and port 445 is open to abuse. ...
    (alt.comp.anti-virus)