Re: Questions about "net" messenger service (NOT MSN Messenger)
From: Alex Nichol (alexn.mvpdts_at_ntlworld.delete.com)
Date: 03/09/04
- Next message: Alex Nichol: "Re: cd key refused on valid install disc"
- Previous message: Shyam: "Is the architecture of XP Professional different from that of Windows 2000"
- In reply to: Steve Lee: "Re: Questions about "net" messenger service (NOT MSN Messenger)"
- Messages sorted by: [ date ] [ thread ]
Date: Tue, 09 Mar 2004 12:05:29 +0000
Steve Lee wrote:
>Thanks for your reply, Alex. So, when you say, "that way", are you
>talking about the "net send"/messenger command or the possible adware
>I talked about in the second paragraph?
>
>Sorry for being so the redundant question, but port 135 is used by the
>messenger/"net send" service, then are you saying that mean that "net
>send" command is actually capable of sending binary files, such as
>pictures to appear in the message window?
Net /send isn't. But programs can get through port 135 to hit a
loophole in the messenger service and hence display adverts. And other
malicious programs can get through to hit other loopholes - this is how
BLAST gets in. The vulnerability that plugged is now fixed (indeed the
fix was available three weeks before BLAST hit) - but there may be other
targets. You should be sure that 135 is blocked to any Internet
connection - leave it open on LAN ones, but there you generally do not
have a firewall active anyway
-- Alex Nichol MS MVP (Windows Technologies) Bournemouth, U.K. Alexn@mvps.D8E8L.org (remove the D8 bit)
- Next message: Alex Nichol: "Re: cd key refused on valid install disc"
- Previous message: Shyam: "Is the architecture of XP Professional different from that of Windows 2000"
- In reply to: Steve Lee: "Re: Questions about "net" messenger service (NOT MSN Messenger)"
- Messages sorted by: [ date ] [ thread ]
Relevant Pages
|
