Slashdot Mirror

← Back to Stories (view on slashdot.org)

Preventing the NT Messenger From Use as a Spam Portal?

Posted by Cliff on from the increasing-the-signal-to-noise-ratio dept.

zbowling (Zac Bowling) asks: "I currently use Comcast cable internet, and I consistently get hit with spam popups. These are not the ones you get from a webpages or media, these are dialog box popups from people scanning all possible IPs for the open messenger port on most NT or Win2k machines. The NT Messenger service (also the same as Novells Network Alert system) is reserved for admins, so they can send messages to the domain or a single workstation for any reason. This service has been taken advantage of by spammers looking for a cheap way to spam someone. One message I got was a spam to get me to buy a firewall product from them to prevent this from happening. I'm sure you can shut of that service or block that port except from people in your subnet. Does anyone know of any resources on the topic?"

2 of 66 comments (clear)

  1. Re:Write your congressman. by PerryMason · · Score: 4, Insightful

    The knee-jerk reaction is to consider this Messenger service spamming as a hack, but you have to stop and consider the wider implications of calling it 'hacking'.

    If we are to make this sort of thing illegal, its a very small step to consider any connection to an open port that isn't what the recipient (ie server operator) expected to receive as hacking. This is likely to lead to even less of a focus on delivering a secure software product, rather relying on the threat of legal action to secure systems, much like the DMCA. Its using the sledgehammer of the law to crack a small nut that technology is already more than capable to dealing with.

    If you really feel the need to write to somebody, write to Microsoft and tell them that the default state of a system following an install is insecure and that you will stop purchasing their products if they can't provide something secure enough to put on the internet.

    --
    "I'm tired of all this 'Aren't humanity great' bullshit. We're a virus with shoes" - Bill Hicks
  2. Slashdot is for posting, not roasting. by Futurepower(R) · · Score: 4, Insightful


    Slashdot Readers: If you don't like an Ask Slashdot question, ignore it!

    Don't waste everyone's time posting a comment saying that you knew the answer when you were 8 or 18 years old, and Slashdot is lame for posting such a simple question.

    Slashdot is meant to be a community. Not everyone in a community has the same knowledge. Questions that are simple for you may be difficult for someone else.

    Yes, many questions can be answered by Google, IF you already know the answer and therefore know the correct key words.