Home page logo

basics logo Security Basics mailing list archives

Re: Windows Messenger Pop-up spam
From: "Kevin Davis" <kevin.davis () mindless com>
Date: Tue, 30 Nov 2004 20:53:50 -0500

----- Original Message ----- From: "Steven Trewick" <STrewick () joplings co uk> To: "'Paul Kurczaba'" <paul () myipis com>; "'Matthew Romanek'" <shandower () gmail com>; <security-basics () securityfocus com>
Sent: Tuesday, November 30, 2004 12:00 PM
Subject: RE: Windows Messenger Pop-up spam

Some people may have also gone into "services" and
disabled the messenger service.

Which will merely have lulled them into a false sense of security,
since the traffic is still making it to their IP stack. For windows
boxen, this is almost as good as "game over"

Not necessarily. I have disabled the Messenger service. This has less to do with pop-ups as it does general security. I have no need for the Messenger service. It is part of hardening a system to turn off unneeded services. Any unneeded service running is an unnecessary risk as it may have other vulnerabilities (as we have seen with the Messenger service and the sendmail daemon to name a few). And yes, I do have a firewall up and am behind a router so I wasn't getting hit by pop-ups anyways. Any box with XP SP2 installed should block the Messenger traffic by default as well. So it isn't "game over" for all windows systems.

Anyone who has no firewall (doesn't have SP2 installed) and no router and turns off the Messenger service would probably be lulled into a false sense of security.

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]