Security Basics mailing list archives
Re: Windows Messenger Pop-up spam
From: "'Ansgar -59cobalt- Wiechers'" <bugtraq () planetcobalt net>
Date: Thu, 2 Dec 2004 18:08:13 +0100
David, On 2004-12-01 David Gillett wrote:
From: Ansgar -59cobalt- Wiechers [mailto:bugtraq () planetcobalt net]On 2004-11-30 Beauford, Jason wrote:Block those Ports!Why? Simply disable the stupid messenger service (because obviously it's not needed anyway). There's no need to block any port because of messenger spam.That would be true, if all that ever used those ports was Messenger. But it's NOT! The same ports are used for a bunch of stuff that you *really* do not want to be exchanging with the wild wild net. Block those ports, and no longer seeing Messenger spam is the *smallest* (if most visible) way in which your system will become safer.
I thought at least you would get my point. However, maybe I have to be more verbose. We were talking about messenger spam only, and therefore it's pretty much sufficient to disable the messenger service. No other action needed, especially not blocking any ports. Period. But let's assume we're talking not only about messenger spam but malware in general. Why would I rather block specific ports instead of disabling unneeded services? In the latter case I won't *have* anything that needs to be protected at all¹. Plus Personal Firewalls proved theirselves to be much less reliable than one would like to think. Do I have to remind you of the Witty worm? Sure, you can argue that maybe the host acts as a router for some local network (ICS or something). However, I would still have to ask: why does he need to provide any services at all? A router is not supposed to provide services. Period. If one needs Internet connectivity for a local network and needs all computers as workstations, then bite the damn bullet and buy a router. They're not *that* expensive. And of course one would block *everything* except for the desired traffic on the network *perimeter*, not only deny the undesired traffic on the host itself. If there's no LAN but just a single host with Internet connection, then why does the box need to provide any services at all? IMnsHO. Regards Ansgar Wiechers ¹ BTDT² ² http://www.ntsvcfg.de/ -- "Those who would give up liberty for a little temporary safety deserve neither liberty nor safety, and will lose both." --Benjamin Franklin
Current thread:
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 01)
- RE: Windows Messenger Pop-up spam David Gillett (Dec 02)
- Re: Windows Messenger Pop-up spam 'Ansgar -59cobalt- Wiechers' (Dec 02)
- RE: Windows Messenger Pop-up spam David Gillett (Dec 03)
- Re: Windows Messenger Pop-up spam 'Ansgar -59cobalt- Wiechers' (Dec 03)
- Re: Windows Messenger Pop-up spam Kevin Davis (Dec 03)
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 07)
- Re: Windows Messenger Pop-up spam Kevin Davis (Dec 08)
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 09)
- Re: Windows Messenger Pop-up spam Michael Painter (Dec 10)
- Message not available
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 13)
- Re: Windows Messenger Pop-up spam 'Ansgar -59cobalt- Wiechers' (Dec 02)
- RE: Windows Messenger Pop-up spam David Gillett (Dec 02)
- <Possible follow-ups>
- Re: Windows Messenger Pop-up spam Kevin Davis (Dec 01)
- Re: Windows Messenger Pop-up spam Ansgar -59cobalt- Wiechers (Dec 02)