Jump to content



Sign up for a free account to remove the pop-up ads

Signing up for an account is fast and free. As a member you can join in the conversation, enter contests and remove the pop-up ads that guests get. Click here to create your free account.

Photo
- - - - -

new (to me) kind of Spam...


This topic has been archived. This means that you cannot reply to this topic.
9 replies to this topic

#1 of 10 OFFLINE   Jay H

Jay H

    Producer



  • 5,641 posts
  • Join Date: Mar 22 1999
  • Real Name:Jay
  • LocationPittsfield, MA

Posted April 08 2003 - 11:31 AM

Just recently I've been getting Messenger type messages when online, stupid stuff, like get 10 months of internet free, blah blah blah.. I traced it to process CSRSS.exe which just happens to be a system process and can't be deleted, it's probably part of Win2k's Messager service... Anyway, I've had it for only a week, anybody else? At first, I thought it was a virus or rogue process but I've run the latest Ad-Aware and it finds nothing.

The solution after a little web research is to disable Win2k's messaging service via:



Control Panel->Administrative Tools->Services

Scroll down to "Messenger", and double click it to make it "disabled" at startup, hit stop to disable it now and then hit "OK"

I'll see if I get any more messages, but it should do the trick... Never knew these a**holes are not paging domains with messages...

Jay
You are the crispy noodle in the vegetarian salad of life

#2 of 10 OFFLINE   nolesrule

nolesrule

    Producer



  • 3,084 posts
  • Join Date: Aug 06 2001
  • Real Name:Joe Kauffman
  • LocationClearwater, FL

Posted April 08 2003 - 11:42 AM

Yeah, that'll disable the Messenger service. However, for those that need to keep it running, being behind a firewall will block outside access to the ports that are open to the Messenger service.

#3 of 10 OFFLINE   Jay H

Jay H

    Producer



  • 5,641 posts
  • Join Date: Mar 22 1999
  • Real Name:Jay
  • LocationPittsfield, MA

Posted April 08 2003 - 11:45 AM

I'm still using dialup, so I gather he must have something that sends a message to perhaps all of my ISP's range... who knows but I never seen this until recently. Perhaps I'll talk to my ISP to see if other users are seeing this. Maybe they can track down the culprit and block him if possible..

Jay
You are the crispy noodle in the vegetarian salad of life

#4 of 10 OFFLINE   Kevin P

Kevin P

    Screenwriter



  • 1,444 posts
  • Join Date: Jan 18 1999

Posted April 08 2003 - 12:56 PM

Messenger spam is everywhere these days. Most senders will send them to entire ranges of IP addresses, particularly broadband addresses. My Linux box, which acts as my firewall, is programmed to capture samples of the spam I receive so I can examine it. What's ironic is most of the messenger spams I receive advertise software that blocks messenger spam!

Turning off the messenger service will stop the pop-ups from occurring, but the fact that you are receiving them means your computer is also open to other forms of attack, especially if you have file sharing enabled, or are running any other services such as IIS or similar, or get infected with a virus, worm, or Trojan. A firewall program is a better solution to the problem overall. Zone Alarm is a good free firewall which you can download.

If you're on dialup a software firewall like Zone Alarm is your best option, but if you ever go broadband you can invest in a router which will act both as a firewall and a way to share your internet connection amongst all your computers.

For the geeks and firewall admins amongst the HTF crowd, blocking incoming packets on UDP port 135 will prevent messenger spam from getting through.

#5 of 10 OFFLINE   Colin Dunn

Colin Dunn

    Supporting Actor



  • 717 posts
  • Join Date: Oct 10 1998

Posted April 08 2003 - 01:17 PM

Just about any version of Windows is not secure in its default, "out of the box" configuration. Because of this, I tell all my customers, co-workers, and friends to put their computer behind a firewall if they are using broadband Internet of any kind.

The simple $99 NAT router/firewall devices at local electronics shops will suffice. They block inbound attempts to connect on every TCP and UDP port except the ones you explicitly permit.

This cuts out messenger spam, plus a wide variety of other attacks and exploits.

If you want to avoid paying the $99 for a NAT router/firewall, you can do some things to secure your Windows box for free. These are also useful things to do even if you are behind a firewall:

- STAY ON TOP OF PATCHES! You should be checking Windows Update DAILY if you're not behind a firewall (and weekly if you are) and install any new security-related hot-fix that is provided right away.
- Pick a strong administrator password, using a mix of upper/lower case, numbers, and symbols. These passwords are too time-consuming to crack.
- Turn on the "firewalling" feature of Windows XP (if you are running it) on any Internet-facing network interfaces.
- Install a "software firewall" program like ZoneAlarm. But be prepared for lots of nagging pop-ups as you train it to recognize what applications generate legitimate Internet activity from your computer. Even if you have a hardware firewall, this can be useful for identifying potential virus/Trojan/spyware activity on your system.
- On Windows 2000/XP, apply the HISECWS.INF security template. This will make your box more hack-resistant by picking more rigorous security settings.
Colin Dunn

#6 of 10 OFFLINE   David-S

David-S

    Second Unit



  • 267 posts
  • Join Date: Mar 18 2001

Posted April 08 2003 - 01:29 PM

Quote:
- On Windows 2000/XP, apply the HISECWS.INF security template. This will make your box more hack-resistant by picking more rigorous security settings


Colin: I'm curious, how would I do this? I've got a "fairly" secure box, but I've never heard of these... do you have any info on how to do this?

Thanks Posted Image

#7 of 10 OFFLINE   TonyD

TonyD

    Executive Producer



  • 16,203 posts
  • Join Date: Dec 01 1999
  • Real Name:Tony D.
  • LocationDisney World and Universal Florida

Posted April 08 2003 - 01:37 PM

thanks for the advice colin but all that is tech tlk to me and i have no idea what it all means.

any way to do those things and help me know how to do that in laymen's terms?
facebook.com/whotony

#8 of 10 OFFLINE   Glenn Overholt

Glenn Overholt

    Producer



  • 4,207 posts
  • Join Date: Mar 24 1999

Posted April 08 2003 - 03:21 PM

Jay, I'm still getting those too. I've never used the messenger service, and XP wouldn't let me delete it, so I ended up changing the extension of the messenger execute file so it wouldn't work, but the pop-up still show up now and then.

I think I'm glad that I'm not the only one getting those. I am on dialup also. Very strange indeed.

Glenn

#9 of 10 OFFLINE   Jay H

Jay H

    Producer



  • 5,641 posts
  • Join Date: Mar 22 1999
  • Real Name:Jay
  • LocationPittsfield, MA

Posted April 08 2003 - 11:46 PM

I'd get a firewall but I'm not on the internet that much at home (I can multitask at work when I have things compiling or saving and nobody seems to mind), but I am guilty in not checking for Win2k updates that much. I hate downloading things on dialup, too slow. I would dl alot from work and then burn it to a CD-R and then take it home... But thanks for the advice!

Jay
You are the crispy noodle in the vegetarian salad of life

#10 of 10 OFFLINE   Kevin P

Kevin P

    Screenwriter



  • 1,444 posts
  • Join Date: Jan 18 1999

Posted April 09 2003 - 12:18 AM

To disable the messenger service in Windows 2000:
  • Click Start, Settings, Control Panel
  • Open Administrative Tools
  • Open Services
  • Open Messenger Service
  • Click Stop button
  • Change 'Startup Type' to DISABLE
  • Click OK
To disable the messenger service in Windows XP:
  • Right-click 'My Computer' icon and select 'Manager'
  • Open Services and Applications
  • Open Services
  • Open 'Messenger' Service
  • Click Stop button
  • Change 'Startup Type' to DISABLE
  • Click OK