Security Incidents mailing list archives
Re: Source of Windows PopUp SPAM
From: David Kennedy CISSP <dkennedy () computer org>
Date: Sat, 19 Oct 2002 03:17:19 -0400
At 09:37 AM 10/18/02 +1200, Nick FitzGerald wrote:
Michael Katz <mike () procinct com> replied to Ron Trenka:Anyone have a way to disable this on W2K and NT 4.0 servers?Stop and disable the Messenger service.That will certainly do it but may remove other "useful" functionality that depends on the Messenger service for delivering system alerts (AV software, various system monitoring/alerting tools, etc). If you'd rather keep (some of) that functionality, read the end of the following page (a really good link originally posted by Gary Flynn) where binding services to specific interfaces is described: http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html
Blocking 135-139 (TCP/UDP)(in/out) at the border routers seems to scale much better than tweaking a bunch of Windows boxes, leaves the service available for useful "stuff" you've cited and also prevents other unpleasantness known and unknown, present and future (see yesterday's Bugtraq). I've seen several mentions of firewalling for this and that seems to me to be a waste of performance having a firewall do what a router can do more efficiently with equal effectiveness. -- Regards, David Kennedy CISSP /"\ Director of Research Services, \ / ASCII Ribbon Campaign TruSecure Corp. http://www.trusecure.com X Against HTML Mail Protect what you connect; / \ Look both ways before crossing the Net.
Attachment:
_bin
Description:
Current thread:
- RE: Source of Windows PopUp SPAM, (continued)
- RE: Source of Windows PopUp SPAM Brenna Primrose (Oct 16)
- RE: Source of Windows PopUp SPAM Lawrence Baldwin (Oct 15)
- Re: Source of Windows PopUp SPAM Ron Trenka (Oct 16)
- Re: Source of Windows PopUp SPAM Michael Katz (Oct 16)
- Re: Source of Windows PopUp SPAM Nick FitzGerald (Oct 17)
- Re: Source of Windows PopUp SPAM Ron Trenka (Oct 16)
- RE: Source of Windows PopUp SPAM H C (Oct 16)
- RE: Source of Windows PopUp SPAM Rob Keown (Oct 16)
- RE: Source of Windows PopUp SPAM H C (Oct 17)
- Re: Source of Windows PopUp SPAM Gary Flynn (Oct 17)
- RE: Source of Windows PopUp SPAM H C (Oct 17)
- Re: Source of Windows PopUp SPAM Richard Akerman (Oct 18)
- Re: Source of Windows PopUp SPAM David Kennedy CISSP (Oct 20)