Security Basics mailing list archives
RE: Messenger service abuse (from inside the network)
From: "Hunt, Jim" <Jim.Hunt () nwsc k12 in us>
Date: Wed, 3 Dec 2003 21:11:07 -0500
I am the Network Services Manager for a K-12 School District with 2000 users. First, we cannot beat students no matter how much they deserve it. ;) I assume you have your computers in nice little OUs. I would assume the students use lab and media center (library) computers typically. Why not use a group policy to disable the MS Messenger Service on those machines. Jim Hunt Certified Network & Systems Engineer Northwestern School Corporation Network Services Manager http://technology.nwsc.k12.in.us <http://technology.nwsc.k12.in.us/> http://www.ProWinHost.com <http://www.prowinhost.com/> | Professional Windows Hosting | Professional Windows Reselling http://www.AlertServ.com <http://www.alertserv.com/> | Managed and Incident Windows Server Support | Custom Alerting http://www.NetMon.org <http://www.netmon.org/> | Network Monitoring Tools and Tutorials | Includes MRTG for Dummies -----Original Message----- From: Alexander Lukyanenko [mailto:sashman () ua fm] Sent: Wed 12/3/2003 2:58 PM To: security-basics () securityfocus com Cc: Subject: Messenger service abuse (from inside the network) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hello list. I administer a high school network running W2K Pro in an Active Directory domain. The problem is that the users abuse the Messenger service by sending some mischief over the network (furthermore, they even write batch files that repeatedly flood the domain with same text). Is there a way to prevent this, except by changing net.exe's ACL on all machines (or beating the offenders after classes :)? Stopping Messenger service on the workstations is not a solution, as it is used for sending various administrative messages. All students share a common AD account (it would be cumbersome to maintain 300+ user accounts, as most of them use the PCs for short periods only). Best regards * * * * * * * * * * * * * * * * Alexander V. Lukyanenko * * ma1lt0: sashman ua fm * * ICQ# : 86195208 * * Phone : +380 44 458 07 23 * * OpenPGP key ID: 75EC057C * * NIC : SASH4-UANIC * * * * * * * * * * * * * * * * -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.3 (MingW32) iD8DBQE/zkBXlz+8e3XsBXwRAi/VAKCTyRlRA4iAQY6Opbk0w1jYypvYNACdFaUR kUWN82Zu6d+xu0bMpfQ2GlM= =cpq+ -----END PGP SIGNATURE----- --------------------------------------------------------------------------- ----------------------------------------------------------------------------
Current thread:
- RE: Messenger service abuse (from inside the network), (continued)
- RE: Messenger service abuse (from inside the network) David Gillett (Dec 04)
- Re: Messenger service abuse (from inside the network) Brad Arlt (Dec 04)
- Re: Messenger service abuse (from inside the network) Jimi Thompson (Dec 08)
- RE: Messenger service abuse (from inside the network) Stephen McCauley (Dec 04)
- Re: Messenger service abuse (from inside the network) gregh (Dec 04)
- RE: Messenger service abuse (from inside the network) Shawn Jackson (Dec 04)
- Re[2]: Messenger service abuse (from inside the network) Alexander Lukyanenko (Dec 04)
- RE: Messenger service abuse (from inside the network) Zachary Mutrux (Dec 05)
- RE: Messenger service abuse (from inside the network) Mark Harris (Dec 09)
- RE: Messenger service abuse (from inside the network) Rod Trent (Dec 09)
- RE: Messenger service abuse (from inside the network) Hunt, Jim (Dec 04)
- RE: Re[2]: Messenger service abuse (from inside the network) Shawn Jackson (Dec 04)
- Re[4]: Messenger service abuse (from inside the network) Alexander Lukyanenko (Dec 05)
- RE: Messenger service abuse (from inside the network) Nero, Nick (Dec 04)
- RE: Messenger service abuse (from inside the network) Camp, Mr Tony J. (Dec 05)
- Re[2]: Messenger service abuse (from inside the network) Alexander Lukyanenko (Dec 05)
- RE: Messenger service abuse (from inside the network) Shawn Jackson (Dec 05)
- RE: Messenger service abuse (from inside the network) Day, David (Dec 08)