Re: messenger service spam -- though net client disabled?
From: Chris Carter (cc@chriscarter.fslife.co.uk)
Date: 10/10/02
- Next message: Toni Lassila: "Re: Help Me Clean up a Hacker's Mess!"
- Previous message: Dave: "Folder passwords"
- In reply to: Sinuously: "messenger service spam -- though net client disabled?"
- Next in thread: robert: "Re: messenger service spam -- though net client disabled?"
- Reply: robert: "Re: messenger service spam -- though net client disabled?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: "Chris Carter" <cc@chriscarter.fslife.co.uk> Date: Thu, 10 Oct 2002 09:40:45 +0100
"Sinuously" <sinuously@yahoo.com> wrote in message
news:7c993370.0210091549.52d053b2@posting.google.com...
> I run Windows 2000 Professional. I just got some advertising
spam
> through the "messenger service" popup, and though I do believe
that I
> can stop this sort of thing by disabling messenger service via
the
> services menu, I am concerned -- because the spam was received
even
> though "client for microsoft networking" is disabled on my
outward
> facing network adapter.
>
> 1.) Previously, I had thought (perhaps incorrectly) that
disabling
> microsoft networking would prevent such intrusions. A lot of
posted
> advice regarding this sort of spam mentions disabling
networking as a
> possible precaution -- but if so, how could I possibly get this
spam?
> Is messenger service listening on the port directly?
>
> 2.) Also, I have disabled, but not completely removed the
client for
> microsoft networking component, and the same for the file
sharing
> component. This is because I have an inward facing network
adapter
> for file sharing on my internal network. But as I said before,
both
> file sharing and net client ARE DISABLED on the outward facing
> adapter. Polyana says that receiving information in the form
of spam
> does not necessarily imply that sensitive information will flow
out by
> the same route. So how seriously should I worry about my
system being
> exposed to intruders vis-a-vis the client for networking, or
the file
> sharing component, when they are in fact disabled?
>
> Thanks, from ME -- please e-mail a reply as well as posting
(please)
I got exactly the same problem, some kind of spam for university
diploma's, I mean, christ, 90% of my email is junk as it is,
goddam spammers.
I have a very similar set-up as you, an inward facing NIC for
local network and an outward facing NIC for broadband internet
connection. Not only are both 'Client for Microsoft Networks' and
'NETBIOS over TCP/IP' disabled on the outward facing NIC, but I
also run Sygate Firewall with virtually every service/app
disallowed outside access. So, how the hell did this message get
through?!?!?
Also, if this kind of thing has been going on for a while (ie
sending spam via Messenger Service) and I've never received any
in the past, nothing has changed with my network security
recently, so how come it got through this time? Has an exploit
been discovered?
If I disable the Messenger Service will it effect any other apps
on my system - heh, bit of a wildcard question there. Let me
rephrase, what common Win2000 apps require the messenger service
to be running?
- Next message: Toni Lassila: "Re: Help Me Clean up a Hacker's Mess!"
- Previous message: Dave: "Folder passwords"
- In reply to: Sinuously: "messenger service spam -- though net client disabled?"
- Next in thread: robert: "Re: messenger service spam -- though net client disabled?"
- Reply: robert: "Re: messenger service spam -- though net client disabled?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
