Preventing the NT Messenger From Use as a Spam Portal?

zbowling (Zac Bowling) asks: "I currently use Comcast cable internet, and I consistently get hit with spam popups. These are not the ones you get from a webpages or media, these are dialog box popups from people scanning all possible IPs for the open messenger port on most NT or Win2k machines. The NT Messenger service (also the same as Novells Network Alert system) is reserved for admins, so they can send messages to the domain or a single workstation for any reason. This service has been taken advantage of by spammers looking for a cheap way to spam someone. One message I got was a spam to get me to buy a firewall product from them to prevent this from happening. I'm sure you can shut of that service or block that port except from people in your subnet. Does anyone know of any resources on the topic?"

Spammed by anti-spam product adverts. Defeat?

[tgrotvedt]

Maybe you could, uh, buy that firewall product the spammer advertised....

that's kind of... weird though.

Stopping NT Messenger Spam

[Wrexen]

Step 1) Go to google
Step 2) Type in "NT messenger spam"
Step 3) Hit the "I'm feeling lucky" button
Step 4) Stop NT Messenger Spam
Step 5) Submit question to "Ask Slashdot" anyway
Step 6) ????
Step 7) Profit!

Simple

Create a whitelist of IPs and generate a set of rules for INPUT tabl... oh... sorry, never mind...

Shorter Procedure

Go to the Start menu
Select Shut Down
Put Computer in Box
Take it back to the store and tell them you want your money back, because you're too stupid to use a computer

Re:Just disable the service

[Stalemate]

I know what you mean. Even if he didn't know that exact command, he could have written a program to just pipe random character strings through cmd.exe and hope he turned off the service before he formatted his c: drive.

You just can't help someone if they aren't willing to help themselves.