On 26 Dec 2005, at 11:17, Dale wrote:
Well, I did go to the site but it was *after* I got the traffic. How did they find me to begin with? I assume it was just a random hit. Sort of like a shot in the dark.
They just automate sending of these messenger service spams. Send them to every IP in a range, that sort of thing. It might be a wake- up call to take a look at your security setup in general, but don't worry about this particular aspect.
On 26 Dec 2005, at 10:51, Holly Bostick wrote:
... the message uses Microsoft Messenger Service, which is turned on by default under Windows, and enables these kind of popup messages across LAN and WAN, sort of like a mini MSN-- which I believe it connects to as well-- and is not only quite "useless" except to people like this, but also quite insecure because it lets unknown people like this send you "messages" without your active consent.
The Messenger Service is different from Windows Messenger - it's all a bit of a confusing hodgepodge of names.
XP comes supplied with an MSN Messenger program which isn't called "MSN Messenger" but instead "Windows Messenger", I think; apart from the name it's identical to old versions of MSN messenger in that you add buddies by email address.
The Messenger Service is something else completely - you're right that it allows people to send you little pop-up windows without your consent, but it's kinda a bigger story than that. Unlike buddy messengers, there's no reply box or any buttons other than "OK" and to send one of these messages you have to use the Windows File & Printer Sharing command line `net /send <computer name> text of your message`. Back in the days of Windows 3.1 or 95 this undoubtedly seemed like a great idea, as no-one using Windows networks had heard of the Internet, this was essentially a "free" service with Windows File & Printer Sharing and the only abuse it was really open to was employees kidding about with each other.
I suspect the reason Messenger Service is enabled by default because third-party developers use it. I've seen it used by the likes of cheap database apps to say "Blimey! You're out of stock! Order some more." For those who think that Microsoft writes bad software, you really should see some of the sewage written by small independent developers for the Windows platform; some meeting this description are undoubtedly doing a great job, but I've seen some horrors from those aiming at small business & niche markets. These guys seem to have no incentive to consider quality or security - basically anyone with a programmer & a salesman can set up in these markets and as long as the product meets a need and appears to work then it goes out the door.
I'd guess that Messenger Service could safely be disabled out the box these days, but I wouldn't be surprised that there were many applications that would have suffered from that at the time XP was released.
Stroller. -- gentoo-user@gentoo.org mailing list
