Broadcast Messaging

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

Using XP Home, SP

Let me say first that I have already searched Help & Support; I have
Googled; and searched other places before bothering you.

After LOC does its' scan at 2AM, event viewer records a message every 11
minutes that broadcast messaging is not working. I don't use outgoing
broadcast messaging. As soon as I begin to use my PC, the notices stop.

Do I have a problem with my PC? Is there someway I can get the software to
stop creating this error message?

One person has replied to me by saying I should be in a different newsgroup.
I have read many questions/comments about LOC in this newsgroup; I hope I
have not offended anyone.
 
2 things:

1) START, CONTROL PANEL, ADMINISTRATIVE TOOLS, SERVICES & check to see if
the MESSENGER service is running

I don't suggest you enable it though because you will get all those
Messenger SPAM advertising windows appear as the SPAMMERS flood the IPs

2) Let us know of the exact error number in the event logs because it can be
then cross referenced...

I hope this helps,
 
Newbie said:
1) START, CONTROL PANEL, ADMINISTRATIVE TOOLS, SERVICES & check to
see if the MESSENGER service is running

I don't suggest you enable it though because you will get all those
Messenger SPAM advertising windows appear as the SPAMMERS flood the
IPs
Click to expand...


No, it's not Messenger Service that causes or allows the spam. It's running
without a firewall enabled that does it.
 
I have Windows 2000 Pro as my development machine & if you run the messenger
sevice then you get those messenger spam popup.

In 2002, I wrote a tool to stop/disable the Messenger service because of
this problem.

Agreed a Firewall would block them, but for people not using one will
continue to get the SPAM popups until they did disable the Messenger
service. Try it for yourself or type into Google & you're soon find I am
correct because of the number of tools out there that do exactly the same
thing as I have just described.
 
Newbie said:
I have Windows 2000 Pro as my development machine & if you run the
messenger sevice then you get those messenger spam popup.
Click to expand...


Only *if* you don't use a firewall. The operating system doesn't matter.

In 2002, I wrote a tool to stop/disable the Messenger service because
of this problem.

Agreed a Firewall would block them, but for people not using one will
continue to get the SPAM popups until they did disable the Messenger
service. Try it for yourself
Click to expand...


I don't have to try it. I know that's correct. Nevertheless the preferable
way by far to stop the popups is to enable a firewall. Turning off Messenger
Service is addressing the symptom, not the disease.

Running without a firewall is foolhardy.

--
Ken Blake - Microsoft MVP Windows: Shell/User
Please reply to the newsgroup



or type into Google & you're soon find I
 
Its not many years ago when firewalls weren't so popular, Ken.

You are the only person who hangs on to your theory everyone else would
agree with me. You know I am right?

Besides, why would you need the messenger service running on a standalone
machine? You don't because its an administrative tool for broadcasting
across the network
 
Newbie said:
Its not many years ago when firewalls weren't so popular, Ken.
Click to expand...


True, but irrelevant. The issue has nothing to do with popularity.

You are the only person who hangs on to your theory everyone else
would agree with me.
Click to expand...


Everyone else? Not at all. Some other uninformed people might agree with
you, but I know many who don't.

You know I am right?
Click to expand...


On the contrary, I know you're wrong.

The distinction between our positions is this:

You want to allow the malicious crap onto your machine, but turn off its
ability to communicate with you.

I want to keep the malicious crap off my machine entirely.

I'll repeat what I said earlier: running without a firewall is foolhardy. If
you have a firewall running, there's no need to turn off Messenger Service.


Besides, why would you need the messenger service running on a
standalone machine? You don't because its an administrative tool for
broadcasting across the network
Click to expand...


Two points:

1. The OP never said that his is a standalone machine.

2. It doesn't matter whether it's a standalone machine or not. My concern
has little to do with whether Messenger Service is running or not. My
concern is that turning off Messenger Service is *not* adequate protection.
It makes the popups disappear, but continues to allow the underlying malware
into your computer.
 
Newbie Coder said:
Its not many years ago when firewalls weren't so popular, Ken.

You are the only person who hangs on to your theory everyone else would
agree with me. You know I am right?

Besides, why would you need the messenger service running on a standalone
machine? You don't because its an administrative tool for broadcasting
across the network
Click to expand...

Ken's the only one who hangs on to what theory? That one should not be
online without a firewall? One should never go online without a firewall.
Using a router with NAT helps but a firewall should still be used. I
certainly don't agree with you. The messenger service being on actually
performs a service. If the spam pop ups occur then it's a good warning that
the system is not protected with a firewall that is doing it's job.
 
Rock said:
Ken's the only one who hangs on to what theory? That one should not be
online without a firewall? One should never go online without a
firewall. Using a router with NAT helps but a firewall should still be
used. I certainly don't agree with you. The messenger service being on
actually performs a service. If the spam pop ups occur then it's a good
warning that the system is not protected with a firewall that is doing
it's job.
Click to expand...
My opinion is that turning a firewall on and turning Messenger
off(removed or at least disabled) is a sure-fire approach.

Bill
 
Read 1/2 way down the page in Green, Ken (before introducing SHOOT THE
MESSENGER) & the top of the article too:

http://www.grc.com/stm/shootthemessenger.htm

It says:

Even if your Windows 2000 or XP machine is safe
behind a personal firewall or NAT router, shutting
down the Messenger Service is a good idea.

Notice the date on the application. It says 2003

Another page:

http://www.updatexp.com/messenger_service_spam.html

This page states what you said, but also if you see the workaround Microsoft
tells you to disable the Messenger service:

http://support.microsoft.com/kb/330904

Another page:

http://www.spywareguide.com/txt_messengerspam.php

Source Code:

http://www.planet-source-code.com/vb/scripts/ShowCode.asp?txtCodeId=1372&lngWId=10

etc etc etc
 
Newbie said:
I have Windows 2000 Pro as my development machine & if you run the messenger
sevice then you get those messenger spam popup.
Click to expand...


Then you *NEED* to install a firewall.

In 2002, I wrote a tool to stop/disable the Messenger service because of
this problem.

Agreed a Firewall would block them, but for people not using one will
continue to get the SPAM popups until they did disable the Messenger
service. Try it for yourself or type into Google & you're soon find I am
correct because of the number of tools out there that do exactly the same
thing as I have just described.
Click to expand...

Merely disabling the messenger service, as you advise, is a
dangerous "head in the sand" approach to computer security that leaves
the PC vulnerable to threats such as the W32.Blaster, W32.Welchia, and
W32.Sasser worms.

The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful, if unintentional, service by acting as a
security alert. The true problem is the unsecured computer, and your
only advice, however well-intended, was to turn off the warnings. Was
this truly helpful?

The problem is that turning off the Messenger Service does *not*
block the wide open TCP and UDP ports that the spammers used to
deliver the spam to the Messenger Service for display. With the
Messenger Service disabled, those spam deliveries are still
continuing, but they're simply not being displayed. It's like pulling
the battery out of a noisy smoke detector to silence it, rather than
looking for and eliminating the source of the smoke that set it off.

The danger of this "treat the symptoms" approach has been more
than aptly demonstrated by the advent of the W32.Blaster.Worm, the
W32.Welchia.Worm, the W32.Sasser. Worm, and their variants. These
worms attack PCs via some of the very same open ports that the
Messenger Service uses. Need I mention how many hundreds of thousands
of PCs have been infected by these worms since August of 2003? To date,
according to my records, I have personally responded to over 1000
Usenet posts concerning Blaster/Welchia/Sasser infections since last
then, and I can't possibly have seen and replied to every one that
there's been posted in this period.

Now, how many of those infected with Blaster/Welchia had turned
off the Messenger Service to hide spam? I can't say, and I don't
think anyone can. What I can say with absolutely certainty is that if
they'd all had a properly configured firewall in place, they would
have blocked the annoying spam _and_ been safe from a great many other
dangers, particularly Blaster/Welchia/Sasser.


--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
Newbie said:
Its not many years ago when firewalls weren't so popular, Ken.
Click to expand...


It's not a popularity contest; it's a matter of security.

You are the only person who hangs on to your theory everyone else would
agree with me. You know I am right?
Click to expand...

Ah, but you're not right, and only a completely uninformed neophyte
would agree with you.

Besides, why would you need the messenger service running on a standalone
machine? You don't because its an administrative tool for broadcasting
across the network
Click to expand...

You wouldn't; because, by definition, a "standalone" machine is not
connected to *ANY* sort of network, including the Internet. In case you
hadn't noticed, we're not discussing standalone machines.


--

Bruce Chambers

Help us help you:



They that can give up essential liberty to obtain a little temporary
safety deserve neither liberty nor safety. -Benjamin Franklin

Many people would rather die than think; in fact, most do. -Bertrand Russell
 
Back
Top