Home page logo
/

basics logo Security Basics mailing list archives

Re: Messenger service abuse (from inside the network)
From: InCisT <InCisT () popsikle net>
Date: Wed, 03 Dec 2003 17:26:38 -0500

Alexander Lukyanenko wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello list.
I administer a high school network running W2K Pro in an Active
Directory domain.

The problem is that the users abuse the Messenger service by sending
some mischief over the network (furthermore, they even write batch
files that repeatedly flood the domain with same text).
Is there a way to prevent this, except by changing net.exe's
ACL on all machines (or beating the offenders after classes :)?
Stopping Messenger service on the workstations is not a solution, as it
is used for sending various administrative messages.
All students share a common AD account (it would be cumbersome to
maintain 300+ user accounts, as most of them use the PCs for short
periods only).

Block the port either on serverside or issue a site wide policy to turn off messenger service.

InCisT


---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]