Should Messenger Service Be Disabled in Network Environment?

[noneya22]

I have a small networking with a SBS 2003 Premium server and Windowx XP
Pro (w/ SP2) clients. I have noticed that the Messenger service is
disabled. I'm not sure if this is the default or is a side effect of
installing SP2, but I would like to know if there are any security
issues I should be concerned with since all my clients are behind a
firewall. It would be convenient to use this service to send messages
(for our internal use), but it isn't an absolute requirement if this
would be considered risky in my networking scenario. Any help would be
much appreciated.

Thanks!

 

[Colin Nash [MVP]]

I have a small networking with a SBS 2003 Premium server and Windowx XP
Pro (w/ SP2) clients. I have noticed that the Messenger service is
disabled. I'm not sure if this is the default or is a side effect of
installing SP2, but I would like to know if there are any security
issues I should be concerned with since all my clients are behind a
firewall. It would be convenient to use this service to send messages
(for our internal use), but it isn't an absolute requirement if this
would be considered risky in my networking scenario. Any help would be
much appreciated.

Thanks!

It was disabled in SP2 because it was being targetted by spammers...
although a firewall blocks it anyway.

The only info about a vulnerability in this service I could find was about
something that is fixed in XP SP2 anyway. (See mskb article 828035.)

One thing to note though, and something many people don't realize when using
"Net send" as a way of casual messaging, is that the messages are logged in
the target computer's Application Log (check Event Viewer.) By default, any
user of the computer can read these logs and only administrators can clear
them. Probably not a big deal if you are using it for "Server is going
down in 15 minutes messages" but could be embarassing if people use it for
social conversations.

 

[Steven L Umbach]

You certainly can enable it if you find it useful but beware that some users
on the network like to send out naughty/abusive messages to everyone or
specific users. You certainly could have a policy to not tolerate such and I
believe an event is recorded in the application or system log of the
receiving computer that shows the source of the message. Computers that have
their Windows Firewall enabled will not receive the messages unless the
proper exception is enabled in the firewall which could be from specific IP
addresses only such as administrative workstations. --- Steve

 

[Robert Moir]

I have a small networking with a SBS 2003 Premium server and Windowx
XP Pro (w/ SP2) clients. I have noticed that the Messenger service is
disabled. I'm not sure if this is the default or is a side effect of
installing SP2, but I would like to know if there are any security
issues I should be concerned with since all my clients are behind a
firewall. It would be convenient to use this service to send messages
(for our internal use), but it isn't an absolute requirement if this
would be considered risky in my networking scenario. Any help would
be much appreciated.

SP2 disabled it by default because its easier for a knowledgable system
admin to turn it on for their computers (you can do this centrally via a
GPO, if you're wondering) than it is for a home user who may not want to
know or care how their computer works to figure out how to turn it off...

--
--
Rob Moir, MS MVP
Blog Site - http://www.robertmoir.com
Virtual PC 2004 FAQ - http://www.robertmoir.co.uk/win/VirtualPC2004FAQ.html
I'm always surprised at "professionals" who STILL have to be asked "Have you
checked (event viewer / syslog)".

 

[Galen]

In (e-mail address removed) had this to say:

My reply is at the bottom of your sent message:

I have a small networking with a SBS 2003 Premium server and Windowx
XP Pro (w/ SP2) clients. I have noticed that the Messenger service is
disabled. I'm not sure if this is the default or is a side effect of
installing SP2, but I would like to know if there are any security
issues I should be concerned with since all my clients are behind a
firewall. It would be convenient to use this service to send messages
(for our internal use), but it isn't an absolute requirement if this
would be considered risky in my networking scenario. Any help would
be much appreciated.

Thanks!

This might be an option if you're needing similar functionality without
wanting to use netsend.

InterChat:
http://www.conware.org/products/ic3/about.php

Note that it claims there are some issues with XP but the only systems I've
seen that happen on have been when they're using something that manages
themes other than the XP themes and sometimes then it will get lost in the
notification area and the end-user would need to stop and restart the
application to get it to show again. Other than that it's been pretty good
on my LAN here.

--
Galen - MS MVP - Windows (Shell/User & IE)
http://dts-l.org/
http://kgiii.info/

"I am glad of all details, whether they seem to you to be relevant or
not." - Sherlock Holmes