Security Basics mailing list archives
RE: Windows Messenger Pop-up spam
From: "David Gillett" <gillettdavid () fhda edu>
Date: Mon, 29 Nov 2004 15:42:24 -0800
IIRC, Berkeley finally realized that allowing NetBIOS to/from the outside world was a bad idea last year during the MSBLAST epidemic. (My response to "how to turn off the messenger service" instructions has always been that if you turn it off and yet leave NetBIOS exposed, you're still vulnerable to a lot worse than Messenger spam; if you block it, Messenger traffic is blocked too.)
-----Original Message----- From: Jon Lawhead [mailto:samurai () berkeley edu] Sent: Monday, November 29, 2004 12:19 PM To: Matthew Romanek; security-basics () securityfocus com Subject: Re: Windows Messenger Pop-up spam Like all spammers, those who advertise (intrusively) through Windows Messenger only do so to make a profit. When directions for disabling Windows Messenger started being easily available, and when ISP's and tech support workers started urging (or forcing) customers to install firewall software, advertising with Windows Messenger ceased to be quite as profitable, so they stopped doing it. I work for IT at UC Berkeley, and 8,000 students arrive every year, many with no protection, and I've yet to hear a complaint about this. That may be, as you said, that something more serious infects them before the spammers have a chance to find them, but I don't think so. Jon Lawhead UC Berkeley SINE/ResComp On Mon, 29 Nov 2004 07:24:54 -0800 Matthew Romanek <shandower () gmail com> wrote:Hey all, I've a question, asked purely for the sake of curiosity. I was just reminded of the bad old days working for an ISPwhere everyother call was about lewd messages popping up on a user's screen when they weren't even doing anything. Windows messaging popups were THE complaint at the time, and slowly we convinced people that personal firewalls were a good idea (via messenger popups, no less. We were a scummy little ISP, and no great bastion of morality). It just occured to me that I (personally) haven't seen a popup in several years. I assume it's because we've learned about security and firewalling and all that. So my question is: Is this sort of stuff still a problem? Does it still exist in the wild? I suppose I could plug an unprotected windows machine into a public IP address, but I think I'd be likely to be taken out by something worse before a messenger ad comes along. And I'm not THAT curious. :) -- Matthew 'Shandower' Romanek IDS Analyst
Current thread:
- Windows Messenger Pop-up spam Matthew Romanek (Nov 29)
- Re: Windows Messenger Pop-up spam Jon Lawhead (Nov 29)
- RE: Windows Messenger Pop-up spam David Gillett (Nov 30)
- Re: Windows Messenger Pop-up spam Ramsey Consulting Services (Nov 29)
- RE: Windows Messenger Pop-up spam Paul Kurczaba (Nov 29)
- <Possible follow-ups>
- RE: Windows Messenger Pop-up spam Chris Merkel (Nov 29)
- Re: Windows Messenger Pop-up spam Andrew Smith (Nov 30)
- Windows Messenger Pop-up spam Seth Jackson (Nov 30)
- RE: Windows Messenger Pop-up spam Beauford, Jason (Nov 30)
- RE: Windows Messenger Pop-up spam Steven Trewick (Nov 30)
- Re: Windows Messenger Pop-up spam Jon Lawhead (Nov 29)