Is it ME, or is this NOT a "junkmail" issue, but rather sounds like a backdoor, trojan or VBScript virus. If so, my concern would NOT be the messenger service but all other possible backdoor functions that may be resident!
How would a junk **EMAIL** (!) initiate a NetBios service - if not via a "virus"? Or are these servers which have their NetBios ports exposed to the Internet? Then, this is really not a junk "mail" issue - since no email is involved in the distribution. Best Regards Andy Schmidt Phone: +1 201 934-3414 x20 (Business) Fax: +1 201 934-9206 -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]On Behalf Of Dan Horne Sent: Monday, October 14, 2002 01:38 PM To: [EMAIL PROTECTED] Subject: RE: Re: [Declude.JunkMail] Spam Mail Statistics I got this from one of the Lockergnome newsletters that came out recently. Dan ----------------------------------------------------------------------- Pop-up Spammers I've often wondered how long it would take for the abuse of Microsoft's Messenger services to begin. This is a network service that listens for messages, which are displayed on screen when received. You can use this service to send text messages to other users on the network ("net send" command from a DOS prompt), provided they have the services running. As you might expect, this is enabled by default in Windows NT/2K/XP, and for little reason. I know of very few people that actually use it, particularly home users. Those of you that are on broadband connections and are not running a firewall may have seen a strange little window pop up at you hawking diplomas, inviting you to visit an explicit website or whatever else our favorite bunch of Internet low-life can dredge up. I have always been very supportive of a minimalist configuration. Turn it off by default, then let the user decide if they want it turned on. As things are, we have all sorts of virtually useless capability built into Windows and other Microsoft software, and fully enabled by default. Maybe there's a case to be made for the functionality, but there is not a case to be made for subjecting the masses to such abuse when the feature won't be used by the vast majority of users and it's quite easy to scan the open ports on a workstation to see if the service is available for abuse. With Windows 2000 and XP seeing much wider adoption, and port 139 open by default, it was only a matter of time before it was taken advantage of to pester unsuspecting users. You can disable the Messenger in Windows 2000/XP by right- clicking My Computer, selecting Manage from the context menu. Expand Services and Applications and click Services, which will populate the right window pane with the long list of services installed. scroll down to Messenger and double-click the item. In the Startup Type dropdown box, select Disabled, then click the Stop button in the Service Status section of the window. From now on, your PC will not be subjected to these pop-up messages. --- [This E-mail was scanned for viruses by Declude Virus (http://www.declude.com)] --- This E-mail came from the Declude.JunkMail mailing list. To unsubscribe, just send an E-mail to [EMAIL PROTECTED], and type "unsubscribe Declude.JunkMail". The archives can be found at http://www.mail-archive.com.
