surely the real problem is not that I'm not running a
firewall, but that microsoft haven't plugged their XP
software properly ?

>-----Original Message-----
>Hi,
>
>These messages are caused by the windows messenger
service, (this *can* be
>disabled) however, the messenger service is not the
problem, the real
>problem is the fact that you are not running a firewall,
or if you are, you
>haven't blocked ports 137-139.
>
>Disabling the messenger service will stop the popups,
but if you have file
>and print sharing bound to your external TCP/IP
connection, then you could
>also potentially be sharing your entire hard disk with
the world since
>netBIOS uses ports 137-139.
>
>A good firewall can be found at www.zonelabs.com
>
>The small "ShootTheMessenger" Messenger service
enabler/disabler will turn
>off the messenger.
>
>http://grc.com/miscfiles/ShootTheMessenger.exe
>
>Or you can do it manually:
>
>Disabling the Messenger Service
>To remove the ability for anyone in the world to pop up
messages on your
>computer, you can disable the Messenger service. Its
easy to reverse at a
>later time if you wish to do so.
>
>Windows XP Home
>Click Start->Settings ->Control Panel
>Click Performance and Maintenance
>Click Administrative Tools
>Double click Services Scroll
>down and highlight "Messenger"
>Right-click the highlighted line and choose Properties.
>Click the STOP button.
>Select Disable or Manual in the Startup Type scroll bar
>Click OK
>
>Windows XP Professional
>Click Start->Settings ->Control Panel
>Click Administrative Tools
>Click Services
>Double click Services Scroll
>down and highlight "Messenger"
>Right-click the highlighted line and choose Properties.
>Click the STOP button.
>Select Disable or Manual in the Startup Type scroll bar
>Click OK
>
>HTH
>
>--
>Greg Crawford
>*****************************
>* www.greg-crawford.co.uk *
>* Remove MyShoes to email me *
>*****************************
>
>
>
>
> <ihatemicrosoft> typed:
>:: Does anyone know if Microsoft have any plans to plug
the
>:: hole that allows anyone with a modem to grab hold of
my
>:: pc by using the gaping hole in Microsoft's XP (most
>:: commonly illustrated by huge amounts of spam pop-ups
>:: being sent to your pc through an "open" port with
Windows
>:: Messenger even when messenger is closed and you don't
>:: have email etc etc) ?
>:: This is annoying beyond belief, and surely Microsoft
are
>:: liable/negligent if they don't fix it as soon as they
>:: hear about it ?
>
>
>.
>

The *Messenger service is a Windows service* (it is not a bug) that
transmits net send messages and messages that are sent through the Alerter
service between client computers and servers.

For example, the Messenger service can be used by network administrators to
send administrative alerts to network users.
The Messenger service can also be used by Windows and other software
programs.
For example, Windows may use it to inform you when a print job is completed
or when you lose power to your computer and switch to a uninterruptible
power supply (UPS).
Your antivirus program may use the Messenger service to send you
notifications.

It's not a bug, it is a service and with a little bit of knowledge, you can
disable it. The reason why you get the Pop Ups is because the service is
enabled *and* you are not usingn adequate firewall.

I feel if you cant be bothered to even try and protect yourself... you arre
fair game.....

<a> typed:
:: surely the real problem is not that I'm not running a
:: firewall, but that microsoft haven't plugged their XP
:: software properly ?
::
::: -----Original Message-----
::: Hi,
:::
::: These messages are caused by the windows messenger service, (this *can*
be
::: disabled) however, the messenger service is not the problem, the real
::: problem is the fact that you are not running a firewall, or if you are,
you
::: haven't blocked ports 137-139.
:::
::: Disabling the messenger service will stop the popups, but if you have
file
::: and print sharing bound to your external TCP/IP connection, then you
could
::: also potentially be sharing your entire hard disk with the world since
::: netBIOS uses ports 137-139.
:::
::: A good firewall can be found at www.zonelabs.com
:::
::: The small "ShootTheMessenger" Messenger service enabler/disabler will
turn
::: off the messenger.
:::
::: http://grc.com/miscfiles/ShootTheMessenger.exe
:::
::: Or you can do it manually:
:::
::: Disabling the Messenger Service
::: To remove the ability for anyone in the world to pop up messages on your
::: computer, you can disable the Messenger service. Its easy to reverse at
a
::: later time if you wish to do so.
:::
::: Windows XP Home
::: Click Start->Settings ->Control Panel
::: Click Performance and Maintenance
::: Click Administrative Tools
::: Double click Services Scroll
::: down and highlight "Messenger"
::: Right-click the highlighted line and choose Properties.
::: Click the STOP button.
::: Select Disable or Manual in the Startup Type scroll bar
::: Click OK
:::
::: Windows XP Professional
::: Click Start->Settings ->Control Panel
::: Click Administrative Tools
::: Click Services
::: Double click Services Scroll
::: down and highlight "Messenger"
::: Right-click the highlighted line and choose Properties.
::: Click the STOP button.
::: Select Disable or Manual in the Startup Type scroll bar
::: Click OK
:::
::: HTH
:::
::: --
::: Greg Crawford
::: *****************************
::: * www.greg-crawford.co.uk *
::: * Remove MyShoes to email me *
::: *****************************
:::
:::
:::
:::
::: <ihatemicrosoft> typed:
::::: Does anyone know if Microsoft have any plans to plug the
::::: hole that allows anyone with a modem to grab hold of my
::::: pc by using the gaping hole in Microsoft's XP (most
::::: commonly illustrated by huge amounts of spam pop-ups
::::: being sent to your pc through an "open" port with Windows
::::: Messenger even when messenger is closed and you don't
::::: have email etc etc) ?
::::: This is annoying beyond belief, and surely Microsoft are
::::: liable/negligent if they don't fix it as soon as they
::::: hear about it ?
:::
:::
::: .

a wrote:
> surely the real problem is not that I'm not running a
> firewall, but that microsoft haven't plugged their XP
> software properly ?

How so? How can windows read your mind and tell if a network connection is a
LAN one, and therefore one you'd want to receive LAN-wide notices on, or
not?

I'm not an XP programmer, but it strikes me that if
there's a particular operating system (ie XP) that has
this problem, and all other systems don't, then by
definition it's a fault in the software. If other systems
don't have this problem, then why should XP ?
>-----Original Message-----
>a wrote:
>> surely the real problem is not that I'm not running a
>> firewall, but that microsoft haven't plugged their XP
>> software properly ?
>
>How so? How can windows read your mind and tell if a
network connection is a
>LAN one, and therefore one you'd want to receive LAN-
wide notices on, or
>not?
>
>
>
>.
>

As reluctant as I am to reply to someone that appears to have an axe to
grind, I couldn't resist throwing in my 2 cents...

Your claim that this is a Windows XP problem is off base. Most *nix
operating systems have a similar functionality enabled by default. Here's
an excerpt from the man page for the "write" command:

==========BEGIN QUOTE===============
"NAME
write - send a message to another user

SYNOPSIS
write user [ttyname]

DESCRIPTION
Write allows you to communicate with other users, by copying lines
from your terminal to theirs.

When you run the write command, the user you are writing to gets a
message of the form:

Message from yourname@yourhost on yourtty at hh:mm ..."
==========END QUOTE===============

The problem is that most of these systems were designed to be used on
_closed_ networks, and this whole "Internet" thing kinda caught people by
surprise. As all OS vendors make valiant efforts to catch up (and MS has
come a _long_ way, esp. with the recent 2003 release), consumers need to be
aware of the technology they are using and use reasonable measures to
protect themselves. Using a unpatched computer on the Internet is kinda like
walking into a room full of anonymous strangers wearing a t-shirt with all
of your personal information printed on it. If you don't like it, try
another OS. You'll still need a firewall. Remember that Microsoft is a
business. They don't quite have unlimited resources to devote to fixing
_all_ the shortcomings in their products _right now_. They are only going
to devote resources to improvements that are going to enable them to
continue to make money. Writing angry posts to a peer-to-peer support group
with obviously fake names and email addresses is not going to fix anything.
If you don't like it, vote with your wallet and buy something else.

Regards,
Patrick Hallihan
MCSE, MCDBA


"a" > wrote in message
...
> I'm not an XP programmer, but it strikes me that if
> there's a particular operating system (ie XP) that has
> this problem, and all other systems don't, then by
> definition it's a fault in the software. If other systems
> don't have this problem, then why should XP ?
> >-----Original Message-----
> >a wrote:
> >> surely the real problem is not that I'm not running a
> >> firewall, but that microsoft haven't plugged their XP
> >> software properly ?
> >
> >How so? How can windows read your mind and tell if a
> network connection is a
> >LAN one, and therefore one you'd want to receive LAN-
> wide notices on, or
> >not?
> >
> >
> >
> >.
> >

Xref: kermit microsoft.public.windowsxp.security_admin:61940

In article >, "a" > wrote:
>I'm not an XP programmer, but it strikes me that if
>there's a particular operating system (ie XP) that has
>this problem, and all other systems don't, then by
>definition it's a fault in the software. If other systems
>don't have this problem, then why should XP ?

Because those other OSs don't have a feature whereby system components or
other network users can push a message onto the screen. When it's done by a
spammer, it's an intrusion, certainly, but it isn't a security risk or a
bug. What it is, is annoying. What it needs, is a move to using some more
robust form of IM, and/or the application of a firewall.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]
--
Texas Imperial Software | Find us at http://www.wftpd.com or email
1602 Harvest Moon Place | .
Cedar Park TX 78613-1419 | WFTPD, WFTPD Pro are Windows FTP servers.
Fax/Voice +1(512)258-9858 | Try our NEW client software, WFTPD Explorer.

>If you don't like it, vote with your wallet and buy
something else.

And make sure you run a firewall on the other OS you use
also. Please find me one *nix advocate who also
advocates that you don't need a firewall, and make sure
that person has some sense please.

You still need a firewall even on a *nix system.


>
>Regards,
>Patrick Hallihan
>MCSE, MCDBA
>
>
>"a" > wrote in message
...
>> I'm not an XP programmer, but it strikes me that if
>> there's a particular operating system (ie XP) that has
>> this problem, and all other systems don't, then by
>> definition it's a fault in the software. If other
systems
>> don't have this problem, then why should XP ?
>> >-----Original Message-----
>> >a wrote:
>> >> surely the real problem is not that I'm not running
a
>> >> firewall, but that microsoft haven't plugged their
XP
>> >> software properly ?
>> >
>> >How so? How can windows read your mind and tell if a
>> network connection is a
>> >LAN one, and therefore one you'd want to receive LAN-
>> wide notices on, or
>> >not?
>> >
>> >
>> >
>> >.
>> >
>
>
>.
>

a wrote:

> I'm not an XP programmer, but it strikes me that if
> there's a particular operating system (ie XP) that has
> this problem, and all other systems don't, then by
> definition it's a fault in the software. If other systems
> don't have this problem, then why should XP ?

Hi

This is not correct. Win2k and NT4 computers also risk getting Messenger spam
if the netbios ports are open against the Internet. I would think the reason
that this isn't so well "know" is because most Win2k and NT4 computers are used
in a corporate/business setting where they are placed behind firewalls
protecting them from this.


--
torgeir
Microsoft MVP Scripting and WMI, Porsgrunn Norway
Administration scripting examples and an ONLINE version of the 1328 page
Scripting Guide: http://www.microsoft.com/technet/scriptcenter