T
tshortridge
Has anyone found an answer to stopping these permanantly?
Does microsoft offer any dowmloads against all pop-ups
through messenger?
Does microsoft offer any dowmloads against all pop-ups
through messenger?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
B
Bruce Chambers
Greetings --
There's no update or patch necessary, as the means of blocking
this sort of spam has been readily and freely available, built into
the WinXP OS, all along.
Does the title bar of these pop-ups read "Messenger Service?"
This particular "sales method" is strikingly similar to the
"protection" rackets offered to small businesses by organized
criminals. Yes, it's a scam; no reputable business would need to
resort to extortion. Particularly since they're trying to sell you a
type of protection that is already available to you free of charge.
This type of spam has become quite common over the past few
months, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you may well be open to other threats. Install and use a decent,
properly configured firewall. (Disabling the messenger service, as
some people recommend, only hides the symptom, and does nothing to
secure your machine.) And ignoring or just "putting up with" these
messages and the problem they represent is particularly foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service is a "head in the sand" approach to computer security.
The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful service by acting as a security alert. The
true problem is the unsecured computer, and you've been
advised to merely turn off the warnings. How is this helpful?
Equivalent Scenario 1: Somewhere in a house, a small fire starts,
and sets off the smoke alarm. You, not immediately seeing any
fire/smoke, complain about the noise of the smoke detector, and are
advised to remove the smoke detector's battery and go back to sleep.
Equivalent Scenario 2: You over-exert your shoulder at work or
play, causing bursitis. After weeks of annoying and sometimes
excruciating pain whenever you try to reach over your head, you go to
a doctor and say, while demonstrating the motion, "Doc, it hurts when
I do this." The doctor, being as helpful as some of your respondents,
replies, "Well, don't do that."
I'm beginning to think that the people deliberately posting such
bad advice are hacker-wannabes who have no true interest in helping
you secure your system, but would rather give you a false sense of
security while ensuring that your computer is still open to
exploitation.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
There's no update or patch necessary, as the means of blocking
this sort of spam has been readily and freely available, built into
the WinXP OS, all along.
Does the title bar of these pop-ups read "Messenger Service?"
This particular "sales method" is strikingly similar to the
"protection" rackets offered to small businesses by organized
criminals. Yes, it's a scam; no reputable business would need to
resort to extortion. Particularly since they're trying to sell you a
type of protection that is already available to you free of charge.
This type of spam has become quite common over the past few
months, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you may well be open to other threats. Install and use a decent,
properly configured firewall. (Disabling the messenger service, as
some people recommend, only hides the symptom, and does nothing to
secure your machine.) And ignoring or just "putting up with" these
messages and the problem they represent is particularly foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service is a "head in the sand" approach to computer security.
The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful service by acting as a security alert. The
true problem is the unsecured computer, and you've been
advised to merely turn off the warnings. How is this helpful?
Equivalent Scenario 1: Somewhere in a house, a small fire starts,
and sets off the smoke alarm. You, not immediately seeing any
fire/smoke, complain about the noise of the smoke detector, and are
advised to remove the smoke detector's battery and go back to sleep.
Equivalent Scenario 2: You over-exert your shoulder at work or
play, causing bursitis. After weeks of annoying and sometimes
excruciating pain whenever you try to reach over your head, you go to
a doctor and say, while demonstrating the motion, "Doc, it hurts when
I do this." The doctor, being as helpful as some of your respondents,
replies, "Well, don't do that."
I'm beginning to think that the people deliberately posting such
bad advice are hacker-wannabes who have no true interest in helping
you secure your system, but would rather give you a false sense of
security while ensuring that your computer is still open to
exploitation.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
K
Kevin Davis³
Has anyone found an answer to stopping these permanantly?
Does microsoft offer any dowmloads against all pop-ups
through messenger?
Installing only a firewall to stop pop-up messages is a "putting all
your eggs in one basket" approach to computer security.
If the user is a home user there is a likelihood that not only do they
not use the messenger service, but don't even know it exists.
However, there are some popular consumer anti-virus products that use
them like Norton's. The user should find out if they need the service
and shut it off if not needed as well as installing and configuring a
firewall. If there is any doubt, it is probably best to leave it on,
but certainly don't rely only on a software firewall to protect you.
Software firewalls like most software, have been susceptable to
vulnerabilities. Good security advice would have them install an
inexpensive hardware SOHO router/"firewall" (like a linksys or
netgear), a personal software firewall, *and* disable the messenger
service (if not needed).
To be truly as secure as reasonably possible, a mutli-layered defense
is required. Additional actions such as applying critical OS
udates/patches, unbinding NetBeui from TCP\IP, and disabling NetBIOS
over TCP\IP is also highly recommended. An excellent place to start
learning about the various things you can do to secure yourself is
http://www.sans.org/rr/catindex.php?cat_id=26
Turning off the messenger service providesthe user with 2 benefits.
First, it will provide a more secure system in that the user will not
be susceptible to any vulnerabilities that may exist in the messenger
service today or that may be found in the future.
A great example is sendmail. It is (or at least was) installed and
running on Linux systems as a daemon by default and had been regarded
as very secure. Recently they found a serious vulnerability that had
been there for over 15 years. Who knows how long the hackers knew
about it? How many people left themselves vulnerable by leaving that
ervice on and didn't need it?. Relying on one and only one line of
defense (a software firewall) is foolish. You should harden your
system as well as install a firewall. Doing one does not mean that
you shouldn't do the other.
Second, it will return some system resources that were being used by a
service that was useless to the user.
In the case that the user is a corporate user and the messenger
service is being used, then it should not be disabled. However, if
you advise him to install a firewall on his own you could be advising
them to do something that could cause their termination. Many
businesses deal very harshly with this type of behavior. If the user
is a corporate user, they should alert their System Admin of these
pop-ups getting through so they can block the traffic at their border
routers/firewalls and solicit their advice as to what they can do, if
anything, as a corporate user to avoid receiving the pop-ups.
Ask a Question
Want to reply to this thread or ask your own question?
You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.