Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Windows Messenger Pop-up spam

From: "Kevin Davis" <kevin.davis () mindless com>
Date: Tue, 30 Nov 2004 20:53:50 -0500
----- Original Message ----- From: "Steven Trewick" <STrewick () joplings co uk> To: "'Paul Kurczaba'" <paul () myipis com>; "'Matthew Romanek'" <shandower () gmail com>; <security-basics () securityfocus com> 
Sent: Tuesday, November 30, 2004 12:00 PM
Subject: RE: Windows Messenger Pop-up spam



Some people may have also gone into "services" and
disabled the messenger service.


Which will merely have lulled them into a false sense of security,
since the traffic is still making it to their IP stack. For windows
boxen, this is almost as good as "game over"
Not necessarily. I have disabled the Messenger service. This has less to do with pop-ups as it does general security. I have no need for the Messenger service. It is part of hardening a system to turn off unneeded services. Any unneeded service running is an unnecessary risk as it may have other vulnerabilities (as we have seen with the Messenger service and the sendmail daemon to name a few). And yes, I do have a firewall up and am behind a router so I wasn't getting hit by pop-ups anyways. Any box with XP SP2 installed should block the Messenger traffic by default as well. So it isn't "game over" for all windows systems.
Anyone who has no firewall (doesn't have SP2 installed) and no router and turns off the Messenger service would probably be lulled into a false sense of security.
Previous By Date Next
Previous By Thread Next

Current thread: