Hi, Everyone Just in case it was not mentioned earlier I thought I would revisit this new form of SPAM. Apparently there is some organization or person out there who is using the NetBIOS ping (or something like that) to gleem IP addresses, etc. They are then sending out a SPAM (the initial one was a poem which I believe was a test of the new spamming venue) to all those IP addresses and if they happen to be in a GUI environment then you get that irratating pop-up window. You can shut it down by disabling the programs involved in IM but there are other functions of your O/S that require the same drivers or whatever to function and if you turn it all off then you loose your networking capabilities. Where I currently work they supplied us with a web page that lists all the IP addresses that are associated with their network protocols so we can set up the appropriate permissions. There is a much easier way to overcome this and that is a software firewall on the user workstation. I use my firewall to block out all those stray pings that hit my IP address. Because I block those that are not directly related to my work network environment I didn't get the Pop-up spam window. The machine I use for testing which doesn't have a firewall did get the pop-up spam. I have not received any pop-up spam on the protected machine. The firewall can also provide protection against pop-up ads, email attachment protection, etc. I also use ad-aware which is a freeware product that scans your computer for that little script that gets loaded when you visit a web page so you won't get pop-ups, etc....i.e. sends out info on your surfing habits, etc... Anyway, take the easy way to protect from this new form of spam... "Sullivan, Glenn" <GSullivan@xxxxxxxxxxxxxx> wrote: > >Stop the messenger service. > >Glenn Sullivan, MCSE+I MCDBA >David Clark Company Inc. > > >-----Original Message----- >From: Rayneman [mailto:reignofdeath@xxxxxxxxxxxxx] >Sent: Friday, October 04, 2002 12:25 PM >To: windows2000@xxxxxxxxxxxxx >Subject: [windows2000] Re: Virus/Worm via Messenger Service? > > > >I periodically get popup messages that are similar to IM messages but claim >to be a Windows Messenger Service or some such thing....I don't remember >installing any such thing but evidently I have some type of messaging >service on this W2K Server machine that can send/receive messages in the >background and I wish to COMPLETELY DISABLE this function. Please advise me >as to what to do and where to do it. I'd like to think that I am relatively >proficient in this OS but this is an obvious indication that I am NOT. And >for those that are curious...they are all spam messages and I'm scared of >what access this IM gives itself in my server. > >Thank you in advance. > >Ray S. >raynserv@xxxxxxxxx > > > >-----Original Message----- >From: windows2000-bounce@xxxxxxxxxxxxx >[mailto:windows2000-bounce@xxxxxxxxxxxxx]On Behalf Of Scott Ehrlich >Sent: Friday, October 04, 2002 9:58 AM >To: windows2000@xxxxxxxxxxxxx >Subject: [windows2000] Virus/Worm via Messenger Service? > > > >Last night around 5pm EST we received a Messenger Service window from a >host called WX2. Most people, across subnets, received a poem, credited >to Henry Cuyler Bunner (1855-1896) will a hallmark of "Provided by >http://www.ALLprice.info"; > >Of our two NT 4 domain controllers, one received the message intact, the >other just received "Message from WX2 to <domain controller> on 10/3/2002 ><timestamp>" but no body of the message. > >Anyone heard of anything like that? > >nbtstat shows no such host, as does nslookup. > >Thanks for any insight. > >Scott > > >================================== >To Unsubscribe, set digest or vacation >mode or view archives use the below link. > >http://thethin.net/win2000list.cfm > > >================================== >To Unsubscribe, set digest or vacation >mode or view archives use the below link. > >http://thethin.net/win2000list.cfm > >================================== >To Unsubscribe, set digest or vacation >mode or view archives use the below link. > >http://thethin.net/win2000list.cfm > -- Charles E. James, Programmer/Analyst U. C. Berkeley, Berkeley California http://home.earthlink.net/~bamboogrove/ Dragon's Gate Taoism __________________________________________________________________ The NEW Netscape 7.0 browser is now available. Upgrade now! http://channels.netscape.com/ns/browsers/download.jsp Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ ================================== To Unsubscribe, set digest or vacation mode or view archives use the below link. http://thethin.net/win2000list.cfm