how to stop messenger

[michael kovacs]

I continouosly get a spam message through Messenger
Service, that advertises itself as a pop-up stopper of
this same nasty pop-up directing the reader to their
messengerdestroyer product.

In Windows 2000 it was possible to eradict that annoying
pop-up with Message Stop action in administrative
tools/services/messenger/stop.

Seemingly in XP the Messenger is a saint cow untouchable,
pushed by M$ through the throat of the resisting public
that helps spammers and the like to avoid other filters.

Anybody knows how to stop Windows Messenger in XP?

 

[Kevin Weilbacher]

get yourself a firewall --- you are open to all sorts of attacks and
hackers ---
-kw

 

[Doug Knox MS-MVP]

Open Help and Support and search for "firewall". This will tell you how to
enable XP's built in firewall. If you have a valid reason not to use a
firewall, click Start, Run and enter SERVICES.MSC Locate the Messenger
entry and double click it. Set it to Stopped and Disabled.

However, the reason they can get to the Messenger Service (not to be
confused with Windows Messenger) in the first place, is that your internet
connection is not secure.

http://www.dougknox.com/xp/tips/winmesspop.htm

 

[mk]

Thanks the advices.
I actually run ZoneAlarm firewall and in it blocked the Messenger before
asked this newsgroup.

From this group and the general XP newsgroup similar subjects I found out
that my original reaction was a little bit stupid. I deducted the problem is
not so simple, a service with good applications is turned against the
public:

1) Latest Windows Platforms are prone to be abused by unscrupulous mass
advertisers that use for their dirty purpose the client-server warning
mechanism. Microsoft makes no patch and does not care to inform and help the
public on this very serious security loophole.

2) The general advise is to switch on the XP's built in firewall in order to
stop incoming net traffic, seemingly all. (why do we have the net at all
then?)

3) How it will work together with ZoneAlarm or other firewalls and how can
one play interactive games with other servers is a question that first shall
be find out.

4) There is a cumbersome method opening individually ports for friendly
connections if required -described rudimentarily somewhere in the
knowledge-base. That may help. I will try it as a last resort.

I would appreciate any further comments.

Thanks,
MK

 

[Alun Jones [MS MVP]]

1) Latest Windows Platforms are prone to be abused by unscrupulous mass
advertisers that use for their dirty purpose the client-server warning
mechanism. Microsoft makes no patch and does not care to inform and help the
public on this very serious security loophole.

Because the security loophole occurs before then, at the border between your
network and the Internet, where you should install a firewall.

2) The general advise is to switch on the XP's built in firewall in order to
stop incoming net traffic, seemingly all. (why do we have the net at all
then?)

It's certainly not so that anyone and his wife can send me any damn packet
they choose! All software has bugs - that's a frequently proven maxim.
This means that most network software is exploitable, if only you can figure
out the magic packet that can kill it. So, why not protect your network
software from all but the packets that you want? That is the purpose of a
firewall, to ensure that the only stuff coming into your computer is stuff
you ask for. I've been using a firewall for the last several years, and it
has not impinged on my use of the Internet at all.

3) How it will work together with ZoneAlarm or other firewalls and how can
one play interactive games with other servers is a question that first shall
be find out.

Each game is pretty much a law unto itself, because they vary in how they
assign ports, and how connections between players (if those are even
allowed) are made. Only by looking at individual games' tech support sites
can you find out this sort of information. Most modern games will work
quite happily in conjunction with modern firewalls.

4) There is a cumbersome method opening individually ports for friendly
connections if required -described rudimentarily somewhere in the
knowledge-base. That may help. I will try it as a last resort.

How often do you have to accept incoming connections? Are you running a
server?

Finally, note that worms like Blaster are stopped by firewalls (although
there is always the possibility that infected machines can contact your
network through other means - see, for instance, that some systems at one
company got infected when a visiting salesman plugged his laptop into the
company LAN - behind the firewall), because they are trying to send
malicious packets on ports that are open, but not particularly well used.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]

 

[Bruce Chambers]

Greetings --

Then you simply do not have ZoneAlarm configured properly. It's
not enough to just slap on a firewall. You need to learn to use it.

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH

 

[Alun Jones [MS MVP]]

Alun is right in every respect except providing solution to the root cause
that even my running ZoneAlarm could not preempt. For the sake of those who
are interested to solve the annoying pop-ups that pretend to be Messenger
Service, I repeat again in this thread:

My internet connection was wide open to this kind of attack even if
ZoneAlarm was running!!!!!!!!

Sorry - you're right, I forget sometimes to add that when you install a
firewall, it has to be one that actually works. Some firewalls come
configured closed, others come configured open. The instructions I pointed
to were for ICF, which comes closed. ZoneAlarm, I'm not familiar with.

I'd hate to think what else you're open to - the ports that the Messenger
Service spam comes in on are NetBIOS and RPC ports. The Blaster worm used
RPC ports to propagate, and NetBIOS is just something that you _shouldn't_
allow to be reached from outside your network.

Alun.
~~~~

[Please don't email posters, if a Usenet response is appropriate.]