J
Joe
I am getting flooded with pop-ups-any easy suggestions for
stopping them?
stopping them?
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
L
Lanwench [MVP - Exchange]
Does the window title say anything about Messenger? If so, you need a
firewall. 'Messenger spam', is not in itself harmful, but is symptomatic of
a larger problem - your computer has ports open from the Internet.
You can disable the Messenger service, but that is unwise as a solution as
you'll still have the underlying problem that caused you to get the messages
in the first place - consider the messages a useful warning that you have no
protection from the Internet. This is all too important now, given the
recent rash of RPC worms....
For a standalone machine, see www.sygate.com for a free personal firewall,
or if using Windows XP, you can enable the built-in internet connection
firewall (ICF).
See http://securityadmin.info/faq.htm for more info. Also,
http://www.mvps.org/winhelp2002/nopopups.htm is a good resource - although
for browser popups, you might want to consider http://toolbar.google.com -
it works like a champ and is also handy for searching.
firewall. 'Messenger spam', is not in itself harmful, but is symptomatic of
a larger problem - your computer has ports open from the Internet.
You can disable the Messenger service, but that is unwise as a solution as
you'll still have the underlying problem that caused you to get the messages
in the first place - consider the messages a useful warning that you have no
protection from the Internet. This is all too important now, given the
recent rash of RPC worms....
For a standalone machine, see www.sygate.com for a free personal firewall,
or if using Windows XP, you can enable the built-in internet connection
firewall (ICF).
See http://securityadmin.info/faq.htm for more info. Also,
http://www.mvps.org/winhelp2002/nopopups.htm is a good resource - although
for browser popups, you might want to consider http://toolbar.google.com -
it works like a champ and is also handy for searching.
B
Bruce Chambers
Greetings --
There are at least three varieties of pop-ups, and the solutions
vary accordingly. Which specific type(s) is troubling you?
1) Does the title bar of these pop-ups read "Messenger Service?"
This type of spam has become quite common over the past year or
so, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you most definitely open to other threats, such as the Blaster Worm
that still haunts the Internet. Install and use a decent, properly
configured firewall. (Merely disabling the messenger service, as some
people recommend, only hides the symptom, and does little or nothing
to truly secure your machine.) And ignoring or just "putting up with"
the security gap represented by these messages is particularly
foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_
blocked. You may also disable Inbound NetBIOS (NetBIOS over TCP/IP).
You'll have to follow the instructions from firewall's manufacturer
for the specific steps.
You can test your firewall at:
Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
Security Scan - Sygate Online Services
http://www.sygatetech.com/
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
2) For regular Internet pop-ups, you might try the free 12Ghosts
Popup-killer from http://12ghosts.com/ghosts/popup.htm, Pop-Up Stopper
from http://www.panicware.com/, or the Google Toolbar from
http://toolbar.google.com/, which is what I use.
3) To deal with pop-ups caused by any sort of "adware" and/or
"spyware,"such as Gator, Comet Cursors, Xupiter, Bonzai Buddy, or
KaZaA, and their remnants, that you've deliberately (but without
understanding the consequences) installed, two products that are
quite effective (at finding and removing this type of scumware) are
Ad-Aware from www.lavasoft.de and SpyBot Search & Destroy from
www.safer-networking.org/. Both have free versions. It's even
possible to use SpyBot Search & Destroy to "immunize" your system
against most future intrusions. I use both and generally perform
manual scans every week or so to clean out cookies, etc.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
There are at least three varieties of pop-ups, and the solutions
vary accordingly. Which specific type(s) is troubling you?
1) Does the title bar of these pop-ups read "Messenger Service?"
This type of spam has become quite common over the past year or
so, and unintentionally serves as a valid security "alert." It
demonstrates that you haven't been taking sufficient precautions while
connected to the Internet. Your data probably hasn't been compromised
by these specific advertisements, but if you're open to this exploit,
you most definitely open to other threats, such as the Blaster Worm
that still haunts the Internet. Install and use a decent, properly
configured firewall. (Merely disabling the messenger service, as some
people recommend, only hides the symptom, and does little or nothing
to truly secure your machine.) And ignoring or just "putting up with"
the security gap represented by these messages is particularly
foolish.
Messenger Service of Windows
http://support.microsoft.com/default.aspx?scid=KB;en-us;168893
Messenger Service Window That Contains an Internet Advertisement
Appears
http://support.microsoft.com/?id=330904
Stopping Advertisements with Messenger Service Titles
http://www.microsoft.com/windowsxp/pro/using/howto/communicate/stopspam.asp
Blocking Ads, Parasites, and Hijackers with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm
Whichever firewall you decide upon, be sure to ensure
UDP ports 135, 137, and 138 and TCP ports 135, 139, and 445 are _all_
blocked. You may also disable Inbound NetBIOS (NetBIOS over TCP/IP).
You'll have to follow the instructions from firewall's manufacturer
for the specific steps.
You can test your firewall at:
Symantec Security Check
http://security.symantec.com/ssc/vr_main.asp?langid=ie&venid=sym&plfid=23&pkj=GPVHGBYNCJEIMXQKCDT
Security Scan - Sygate Online Services
http://www.sygatetech.com/
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
2) For regular Internet pop-ups, you might try the free 12Ghosts
Popup-killer from http://12ghosts.com/ghosts/popup.htm, Pop-Up Stopper
from http://www.panicware.com/, or the Google Toolbar from
http://toolbar.google.com/, which is what I use.
3) To deal with pop-ups caused by any sort of "adware" and/or
"spyware,"such as Gator, Comet Cursors, Xupiter, Bonzai Buddy, or
KaZaA, and their remnants, that you've deliberately (but without
understanding the consequences) installed, two products that are
quite effective (at finding and removing this type of scumware) are
Ad-Aware from www.lavasoft.de and SpyBot Search & Destroy from
www.safer-networking.org/. Both have free versions. It's even
possible to use SpyBot Search & Destroy to "immunize" your system
against most future intrusions. I use both and generally perform
manual scans every week or so to clean out cookies, etc.
Bruce Chambers
--
Help us help you:
You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
S
Scott
Use MSN 9
SpyStopper (tm) & PestPatrol (tm)
A deadly combination.
SpyStopper (tm) & PestPatrol (tm)
A deadly combination.
K
Kevin Davis³
consider the messages a useful warning that you have no
protection from the Internet.
This goes against the advice of the vast majority of security
professionals. The well known defense in depth strategy promoted by
almost all respected security professionals includes turning off all
unneeded services by default as one of it's major points. Even
Microsoft has adopted the common sense approach of turning off all
unneeded services when they released Windows 2003 server and also
recommend that home users of XP disable their Messenger Service.
K
Kevin Davis³
Oh, and be especially wary of people who advise you to do nothing
more than disable the messenger service. Disabling the messenger
service, by itself, is a "head in the sand" approach to computer
security. The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert. The true problem is the unsecured computer, and
you've been advised to merely turn off the warnings. How is this
helpful?
Don't forget that the Messenger Service would also provide a useful
service to hackers if it is not patched:
http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-043.asp
Setup a firewall first, but if you don't need the Messenger Service,
turn it off. If you need it, patch it. You would also be well
advised to spend $50 and buy a home router.
Be especially wary of people who would insist on having you keep the
Messenger Service on as a "helpful feature" and conveniently
forgetting to inform you that it has a very serious vulnerability that
needs to be patched immediately.
And of particular interest is that Microsoft itself and security
experts are seriously reconsidering the role of the Messenger service:
http://www.infoworld.com/article/03/10/28/HNmessengeroff_1.html
http://www.pcworld.com/news/article/0,aid,113321,tk,dn110703X,00.asp
http://news.com.com/2100-7355_3-5095935.html
http://www.cnn.com/2003/TECH/internet/11/07/microsoft.popup.reut/index.html
Here's a link where Microsoft actually outright advises the user to
turn off the Messenger Service:
http://www.microsoft.com/WindowsXP/pro/using/howto/communicate/stopspam.asp
Those who would advise not to turn off the Messenger Service for the
less than trivial unintended side benefit of being a warning is
dispensing advice which contradicts the advice of many real security
professionals.
The real problem is _not_ the messenger service pop-ups;
they're actually providing a useful, if annoying, service by acting as
a security alert.
If you were protecting your house and you had one door that nobody
ever used and that door was really loud and squeaky, would you:
A: Keep the door unlocked all the time and actually depend on the
loud squeak of the door to be an integral part of your house alarm
system to alert you of an intruder?
or
B. Since no legitimate people would ever use the door, bar the door
shut so that there was no chance no-one could enter through it?
L
Lanwench [MVP - Exchange]
Kevin said:This goes against the advice of the vast majority of security
professionals. The well known defense in depth strategy promoted by
almost all respected security professionals includes turning off all
unneeded services by default as one of it's major points.
That doesn't negate the need for a firewall. That's the first step. Do you
really think home users are going to understand how to turn off unwanted
services? If they do, fine, but the firewall is the first layer of security.
Shouldn't be the only one, esp. in an enterprise environment, but it is the
first one.
Even
Microsoft has adopted the common sense approach of turning off all
unneeded services when they released Windows 2003 server and also
recommend that home users of XP disable their Messenger Service.
Show me a link wherein MS says that all that is needed is to shut off this
service. Messenger spam is not the problem. The problem is that if it can
get in, so can other varmints.
WinXP SP2 will have the firewall enabled by default, which is a Good Thing.
G
Guest
You can radically reduce -(in my case they have been almost totally elininated) pop ups b using a HOSTS file. this is located at c;\windows\system32\drivers\etc
It MUST begin with the line 127.0.0.1
You can find all the detailes about HOST files and how they kill pop ups, ads etc on line.
Still Learning
It MUST begin with the line 127.0.0.1
You can find all the detailes about HOST files and how they kill pop ups, ads etc on line.
Still Learning
K
Kevin Davis³
That doesn't negate the need for a firewall. That's the first step.
I never said it did. In fact if you look, almost all my posts which
are related to this topic strongly advocates the need for a firewall.
I was referring strictly to the topic of the Messenger Service.
Do you
really think home users are going to understand how to turn off unwanted
services?
Apparently Microsoft does. Read the following link:
http://www.microsoft.com/WindowsXP/pro/using/howto/communicate/stopspam.asp
You have a problem with me advising people to turn off the Messenger
Service then you also have a problem with Microsoft advising the same
thing. And I quote:
"If you have Windows XP at home or in a small office that you manage
yourself, you should disable the Messenger Service."
Source: Microsoft (from the above link).
If the Messenger Service is such a great security warning device, why
is it turned off by default in the next service pack for XP and also
in 2003 Server?
Show me a link wherein MS says that all that is needed is to shut off this
service.
I will not show you such a link because I never claimed one existed.
Read again what I said. I never, ever indicating that was *all* that
was needed to secure oneself. I only argue that insisting that
keeping it on (like you and various others advise) is in contradiction
with standard security best practices and Microsoft itself. I don't
know what is wrong with you people. You keep claiming I make this
statement and I never have.
Now if you actually want to discuss what I actually said, I have
provided the link above.
L
Lanwench [MVP - Exchange]
Kevin Davis³ wrote:
Let's face it, 99.999999% of the people who come in here complaining of
messenger spam are newbies who need to know that the answer is to get a
firewall. Telling them to disable messenger without saying that the *real*
problem is a computer running naked on the internet is likely going to
confuse them.
....which quite clearly states: "You should enable the Internet Connection
Firewall and disable the Messenger Service in Windows XP to help protect
your computer from unwanted spam and other potential threats." ..."First,
make sure that your system is protected by an Internet firewall and that
you've followed the steps to Protect Your PC. Disabling the Messenger
Service without using a firewall will prevent the unwanted spam, but will
not protect your computer from intruders."
I have no problem with people disabling messenger if they don't need it on
their computers/networks - only have a problem with people telling others
that the first step is to disable messenger, and not mentioning that the
user *needs* a firewall.
It's not designed to be a security warning device. It just happens to
function as one. If messenger spam gets through, the computer/network is not
properly secured. Think "canary in a coal mine" if you like that analogy.
And AFAIK, messenger is not going to be disabled in XP SP2 (corrections
welcome) or in a future server OS. Messenger is useful on networks - I make
use of it a lot. A home computer probably doesn't need it. I'm happy MS is
going to make the firewall enabled by default from now on, but that's
something else entirely.
I never said it did. In fact if you look, almost all my posts which
are related to this topic strongly advocates the need for a firewall.
I was referring strictly to the topic of the Messenger Service.
Let's face it, 99.999999% of the people who come in here complaining of
messenger spam are newbies who need to know that the answer is to get a
firewall. Telling them to disable messenger without saying that the *real*
problem is a computer running naked on the internet is likely going to
confuse them.
http://www.microsoft.com/WindowsXP/pro/using/howto/communicate/stopspam.aspApparently Microsoft does. Read the following link:
....which quite clearly states: "You should enable the Internet Connection
Firewall and disable the Messenger Service in Windows XP to help protect
your computer from unwanted spam and other potential threats." ..."First,
make sure that your system is protected by an Internet firewall and that
you've followed the steps to Protect Your PC. Disabling the Messenger
Service without using a firewall will prevent the unwanted spam, but will
not protect your computer from intruders."
I have no problem with people disabling messenger if they don't need it on
their computers/networks - only have a problem with people telling others
that the first step is to disable messenger, and not mentioning that the
user *needs* a firewall.
You have a problem with me advising people to turn off the Messenger
Service then you also have a problem with Microsoft advising the same
thing. And I quote:
"If you have Windows XP at home or in a small office that you manage
yourself, you should disable the Messenger Service."
Source: Microsoft (from the above link).
If the Messenger Service is such a great security warning device, why
is it turned off by default in the next service pack for XP and also
in 2003 Server?
It's not designed to be a security warning device. It just happens to
function as one. If messenger spam gets through, the computer/network is not
properly secured. Think "canary in a coal mine" if you like that analogy.
And AFAIK, messenger is not going to be disabled in XP SP2 (corrections
welcome) or in a future server OS. Messenger is useful on networks - I make
use of it a lot. A home computer probably doesn't need it. I'm happy MS is
going to make the firewall enabled by default from now on, but that's
something else entirely.