Security Basics mailing list archives
RE: Windows Messenger Pop-up spam
From: Harlan Carvey <keydet89 () yahoo com>
Date: Mon, 6 Dec 2004 04:03:11 -0800 (PST)
Steven
Harlan, as you well know, there are *many* other things listening to/on the subset of ports used by messenger spam, turning off the messenger service in no way blinds/deafens the *rest* of the RPC subsystem, where $DEITY knows how many vulns have been (and remain to be) discovered.
True. Agreed. No question/problem/issue with that whatsoever.
Simply turning off the service in no way increases the security of the machine, because those ports and the multiplicity of services that use them will still be exposed, quite obviously.
Again, agreed. However, as is many times the case, this has nothing whatsoever to do with the original poster's (OP) question. The OP asked: "Is this sort of stuff still a problem? Does it still exist in the wild?" The OP did NOT ask: "Does shutting off the Messenger service significantly improve my security?"
Anyone sufficently addled as to run a machine exposed in this way is also extremely unlikely to be patched up the eyeballs, thus we have exposed *and* vulnerable services. Thus it will be game over when the first worm reaches the machine.
Hhhmmm...depends on the worm, but yes. But again, this is not the issue at hand. Thanks, Harlan ===== ------------------------------------------ Harlan Carvey, CISSP "Windows Forensics and Incident Recovery" http://www.windows-ir.com http://groups.yahoo.com/group/windowsir/ "Meddle not in the affairs of dragons, for you are crunchy, and good with ketchup." "The simplicity of this game amuses me. Bring me your finest meats and cheeses." ------------------------------------------
Current thread:
- Re: Windows Messenger Pop-up spam, (continued)
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 09)
- Re: Windows Messenger Pop-up spam Michael Painter (Dec 10)
- Message not available
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 13)
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 02)
- Re: Windows Messenger Pop-up spam Kevin Davis (Dec 03)
- RE: Windows Messenger Pop-up spam Harlan Carvey (Dec 07)
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 08)