How did this arrive?
bothered
Manchester UK
I was just posting on S-M when this popped up. I just binned it but with a router and Zone alarm pro, How did it get here?
bothered.
bothered.
0
Comments
Free ones are available, work well, and will stop the messenger spam, it will stop blast infections (generally) and it will just make it less likely you'll get infected with the usual nasties
blackice/zone alarm/XP built-in. All free. With the XP one, you may find you have to reboot to actually make the settings stick.
At work, I use it as the IT guy refuses to make the UPS messages directed to him as opposed to the whole universe.... He runs a daily load test, which causes these messages to be broadcast. The first thing you have to do when logging in is to clear hundreds of messages on a machine that's been running (say FAH) for ages
Stopping the messenger service is effective, but not recommended as it can be used by windows itself sometimes.
The solution I've always used is to disable the service... I hadn't heard Windows used it for anything... can you elaborate FAH_WW?
bothered has Zone Alarm Pro, so how did it get past? I would have thought that a firewall would not block a messenger message as that is all it is - there is no possibility to attach a virus or anything.
Also, on first install if Zone Alarm is anything like Norton Internet Security (I have this) it will scan the computer and come up with a massive list of progs that access the Internet.
One of these I would imagine would be the Windows Messenger service and so would probably be auto-configured for permitted access.
In this case I'd say bothered is best off disabling the service.
~Cyrix
Shoot The Messenger Info
Shoot The Messenger Download
Very worrying if it doesn't block it...
Have a look at http://www.grc.com - you'll find extensive info on pretty much all ports below 1023 there
(soz me lazy )
(better off, but you could do better...)
I got that exact same Message, twice! just the other day. And I run Norton Internet Security. Also, I don't know whether it is relevant or not but I, after receiving those Messages detected two trojan horses on my rig.
I think it was probably just a conincidence, but I would say you should run a virus scan before you do anything else.
Having a router with blocked ports does NOT stop incoming traffic. There are many programs out there that can create TCP/IP tunnels right to your door. Net meeting is one.
Sorry, couldnt help myself
Firstly he said he was behind a router (so it shouldnt be able to get through regardless)
Secondly he said he IS running a Firewall (another reason it shouldnt have got through)
And thirdly he didnt ask how do disable the service as I am sure Bothered already knows how to.
Sorry, but something had to be said as this is basically a thread with completely useless responses.
Bothered: Check to see if you have opened port 135 on your Router for some reason, or if a DMZ to your machines LAN address is set up on the Router.
Also check to see if Zone Alarm has for some reason either kept port 135 open or has allowed the Messenger service access to the net.
NS
Also, whether the messenger service has access to the net or not makes NO difference at all, as that's only outgoing...
Doesn't look to me like you've read it nor understand the question. Swearing won't help either...
Sorry if this response may sound harsh, but then you're asking for it.
Secondly.
He may not have ASKED how to disable the service, but most certainly it will never get through again if the service is not on to receive it. So the point of asking or not is moot.
Slightly off topic but FAH_WW, you is just down/up the road from me. I'm in Newbury, about 15mins down the A34
Regards
Jim
Weird, so if I got on the A34 at Stoke, I could go and visit one of you two.
Wow, what along normal road!
~Cyrix
This thread could have been so much shorter.
/me chuckles for no apparent reason
See, ask about pop ups. Learn about road history. Weird nes pas.
Jim
Hate to admit it but I've never heard of this. I'm interested - do you have a link for more info?
Good then, as I now have license to reveal my ignorance on this subject.... then, maybe not.
Well, you know where your next unsolicited pop-up is coming from!
It's annecdotal evidence of course, but I've done several port scans on both the routers I have in sequence, and port 3000 is entirely blocked on both. Port 3000 is, consequently, the port I have determined for file transfer in ICQ/AIM/mIRC. Before dialing a false IP with NetMeeting, file transfer never occurrs. After dialing said IP, file transfer works appropriately.
Furthermore, ports others have enabled for the reception of files in their programs are fully capable of receiving my sent files, even when the ports are blocked by default, and unopened on their routers.
It's pretty solid evidence, in my opinion. Feel free to pwn me though. If I'm wrong, hey, I'm wrong.