B
Buddy4233 \(removethis\)
whats the best product to use to stop the messenger pop-
ups i am using XP
ups i am using XP
N
Nico Tomacelli [MSFT]
Hi Buddy,
What messenger pop ups are you referring to? If it's the Messenger service
you are referring to, you can do the following.
Start - Run - Services.msc. Find Messenger in the list and change it to
disabled and Stop it.
Hope this helps.
Thanks,
Nico Tomacelli
Microsoft Corp.
US - Windows Core:SOLID
This posting is provided "AS IS" with no warranties, and confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from your issue.
=====================================================
What messenger pop ups are you referring to? If it's the Messenger service
you are referring to, you can do the following.
Start - Run - Services.msc. Find Messenger in the list and change it to
disabled and Stop it.
Hope this helps.
Thanks,
Nico Tomacelli
Microsoft Corp.
US - Windows Core:SOLID
This posting is provided "AS IS" with no warranties, and confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from your issue.
=====================================================
J
Jupiter Jones [MVP]
Nico;
Do you really think that is best?
Is it not better to solve the actual problem of the unprotected ports
by using a firewall?
Disabling Messenger Service may be a good thing but is does nothing
for the real issue of the unprotected computer.
Do you really think that is best?
Is it not better to solve the actual problem of the unprotected ports
by using a firewall?
Disabling Messenger Service may be a good thing but is does nothing
for the real issue of the unprotected computer.
N
Nico Tomacelli [MSFT]
That is a good point Jupiter and I forgot that in my response. My bad. 
Thanks for pointing it out.
I usually give users the choice. Either to turn off the messenger service
or to turn on the firewall and configure the appopriate ports to be open
(the preferred avenue). This way the user has the last say in how they want
their system to be configured.
Thanks again!
Nico Tomacelli
Microsoft Corp.
US - Windows Core:SOLID
This posting is provided "AS IS" with no warranties, and
confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from your issue.
=====================================================
Thanks for pointing it out.
I usually give users the choice. Either to turn off the messenger service
or to turn on the firewall and configure the appopriate ports to be open
(the preferred avenue). This way the user has the last say in how they want
their system to be configured.
Thanks again!
Nico Tomacelli
Microsoft Corp.
US - Windows Core:SOLID
This posting is provided "AS IS" with no warranties, and
confers no rights.
=====================================================
When responding to posts, please "Reply to Group" via your newsreader
so that others may learn and benefit from your issue.
=====================================================
B
Bruce Chambers
Greetings --
Does the title bar of these pop-ups read "Messenger Service?"
This type of spam has become quite common over the past several
months, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you may well be open to other threats, such as the Blaster Worm that
recently swept cross the Internet. Install and use a decent,
properly configured firewall. (Merely disabling the messenger
service, as some people recommend, only hides the symptom, and does
little or nothing to truly secure your machine.) And ignoring or just
"putting up with" the security gap represented by these messages is
particularly foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_
blocked. You may also disable Inbound NetBIOS (NetBIOS over TCP/IP).
You'll have to follow the instructions from firewall's manufacturer
for the specific steps.
You can test your firewall at:
Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
Security Scan - Sygate Online Services
http://www.sygatetech.com/
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
"Buddy4233 (removethis) @aol.com"
Does the title bar of these pop-ups read "Messenger Service?"
This type of spam has become quite common over the past several
months, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you may well be open to other threats, such as the Blaster Worm that
recently swept cross the Internet. Install and use a decent,
properly configured firewall. (Merely disabling the messenger
service, as some people recommend, only hides the symptom, and does
little or nothing to truly secure your machine.) And ignoring or just
"putting up with" the security gap represented by these messages is
particularly foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_
blocked. You may also disable Inbound NetBIOS (NetBIOS over TCP/IP).
You'll have to follow the instructions from firewall's manufacturer
for the specific steps.
You can test your firewall at:
Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
Security Scan - Sygate Online Services
http://www.sygatetech.com/
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
"Buddy4233 (removethis) @aol.com"
B
Bruce Chambers
Greetings --
I realize that you're trying to help, and that such an intent is
commendable, but please don't post potentially harmful advice.
Disabling the messenger service, you advised, is a "treat the
symptoms" approach to computer security that still leaves the PC
vulnerable to threats such as the W32.Blaster.Worm.
The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful service by acting as a security alert.
The true problem is the unsecured computer, and your only advice,
however well-intended, was to turn off the warnings.
Equivalent Scenario: Pulling the battery out of a noisy smoke
detector instead of seeking and eliminating the source of the smoke
that set it off.
The only true way to secure the PC, short of disconnecting it from
the Internet, is to install and *properly* configure a firewall; just
installing one and letting it's default settings handle things is no
good.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
I realize that you're trying to help, and that such an intent is
commendable, but please don't post potentially harmful advice.
Disabling the messenger service, you advised, is a "treat the
symptoms" approach to computer security that still leaves the PC
vulnerable to threats such as the W32.Blaster.Worm.
The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful service by acting as a security alert.
The true problem is the unsecured computer, and your only advice,
however well-intended, was to turn off the warnings.
Equivalent Scenario: Pulling the battery out of a noisy smoke
detector instead of seeking and eliminating the source of the smoke
that set it off.
The only true way to secure the PC, short of disconnecting it from
the Internet, is to install and *properly* configure a firewall; just
installing one and letting it's default settings handle things is no
good.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
L
Lanwench [MVP - Exchange]
Nico said:That is a good point Jupiter and I forgot that in my response. My
bad.
I usually give users the choice. Either to turn off the messenger
service or to turn on the firewall and configure the appopriate ports
to be open (the preferred avenue). This way the user has the last
say in how they want their system to be configured.
I wouldn't recommend simply disabling the messenger service- a lot of people
will think this is "just as good" as using a firewall. I think it's
appropriate to mention that messenger spam is merely a fairly innocent
symptom of a much larger security problem.
K
Kevin Davis³
Don't forget that the Messenger Service would also provide a useful
service to hackers if it is not patched:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-043.asp
Setup a firewall first, but if you don't need the Messenger Service,
turn it off. If you need it, patch it. You would also be well
advised to spend $50 and buy a home router.
Be especially wary of people who would insist on having you keep the
Messenger Service on as a "helpful feature" and conveniently
forgetting to inform you that it has a very serious vulnerability that
needs to be patched immediately.
And of particular interest is that Microsoft itself and security
experts are seriously reconsidering the role of the Messenger service:
http://www.infoworld.com/article/03/10/28/HNmessengeroff_1.html
http://www.pcworld.com/news/article/0,aid,113321,tk,dn110703X,00.asp
http://news.com.com/2100-7355_3-5095935.html
http://www.cnn.com/2003/TECH/internet/11/07/microsoft.popup.reut/index.html
Here's a link where Microsoft actually outright advises the user to
turn off the Messenger Service:
http://www.microsoft.com/WindowsXP/pro/using/howto/communicate/stopspam.asp
Those who would advise not to turn off the Messenger Service for the
less than trivial unintended side benefit of being a warning is
dispensing advice which contradicts the advice of many real security
professionals.
If you were protecting your house and you had one door that nobody
ever used and that door was really loud and squeaky, would you:
A: Keep the door unlocked all the time and actually depend on the
loud squeak of the door to be an integral part of your house alarm
system to alert you of an intruder?
or
B. Since no legitimate people would ever use the door, bar the door
shut so that there was no chance no-one could enter through it?
K
Kevin Davis³
Equivalent scenario:
If you were protecting your house and you had one door that nobody
ever used and that door was really loud and squeaky, would you:
A: Keep the door unlocked all the time and actually depend on the
loud squeak of the door to be an integral part of your house alarm
system to alert you of an intruder?
or
B. Since no legitimate people would ever use the door, bar the door
shut so that there was no chance no-one could enter through it?
K
Kevin Davis³
It won't be fairly innocent if the victim doesn't have their system
patched against the serious vulnerability in the Messenger Service.
Or perhaps be susceptible to another vulnerability that may exist in
it that we don't know about yet. Yes, certainly a firewall is needed,
but turn off unneeded services (which, for many people includes the
Messenger Service) as well. This is called hardening your system and
is just part of a layered security approach that most security experts
recommend.
L
Lanwench [MVP - Exchange]
Kevin said:
What I mean is that the messenger spam itself is not the problem. It
indicates a far larger underlying security problem. Re-read my post. ;-)
K
Kevin Davis³
]On Sat, 13 Mar 2004 17:50:38 -0500, "Lanwench [MVP - Exchange]"
Not to be contentious, but I did read your post the first time and you
said that Messenger Service pop-ups are fairly innocent symptoms. My
comment is that it may or may not be depending on the circumstances.
Nothing you just said changes that.
Not to be contentious, but I did read your post the first time and you
said that Messenger Service pop-ups are fairly innocent symptoms. My
comment is that it may or may not be depending on the circumstances.
Nothing you just said changes that.
L
Lanwench [MVP - Exchange]
Kevin said:
Symptoms=innocent. Messenger spam itself doesn't hurt your computer; it's an
irritant. Underlying problem=not innocent.
K
Kevin Davis³
Just getting the Messenger spam means your messenger service is
enabled. Just by that fact alone, the condition can be less than
innocent in that the Messenger service may not be patched from the
serious vulnerability it has or have other vulnerabilities not known
of yet.
Your contention is that the sole underlying problem is that a firewall
is not running blocking those connections. I agree that this is *a*
problem, but not the only one. The other possible problems are that
the Messenger service is running and it may not need to be and that it
is needed and may not be patched. All related problems need to be
addressed and not just the mythical silver bullet of putting up a
firewall to fix everything be the sole action being taken.