VeeshanVault

Ok so this really pisses me off...

I demilitarize (basically take the firewall from in front of) one of my computers trying to allow some traffic that into that machine. Go back to what I was doing on another.

*Bink* Window pops up on the dmz'ed machine...To see whatever the spammer wants you to see click OK now. This is not an explorer window and it is addressed to my IP address. Ok so do a netstat and voila port 139. WTF!

Basically spammers are now IP broadcasting Netsends via spamware called IP_Bulker. So if you have an unfirewalled machine...its time to get that firewall and learn how to use it.

These spam windows will crash EQ. And worse yet, no one who would use this sort of spamware is responsible enough to maintain their machines so clicking the ok button (did this on accident, thanks laptop membrane pad) will get you an viral infection (Nimda E in my case).

Short Term Fix: Go to Control Panel, Administrative Tools, Services find Messenger (this isn't MS Messenger) double click on it set Service status to stopped and Startup Type to Disabled.

Medium Term Fix: Buy a firewall and keep Port 139 slammed shut.

Long Term Fix: Persecute the sort of shits that engage in Spam of any sort. These asses are eating up all of our bandwidth with junk email and now directly broadcasting at us.

Yes!

I occastionaly DMZ my box for UT2003 Hosting etc., and this happens to me ALL THE TIME when I'm DMZed.

I fucking hate that!

Go into your control panel, administrative, services - turn off windows messenger. Problem solved.

Just found this out the other day... Had been getting those popups for weeks before I formatted the machine..I figured something I installed was doing it and I missed it... then it happened on a clean machine and I couldn't figure it out...shoulda just asked here forst..but yeah, killed Messenger service and its all good now...


Guess I better run a virus scan...gah...anyone recommend a good free one?

Bakara wrote:Go into your control panel, administrative, services - turn off windows messenger. Problem solved.

See Short Term...

That however is not a solution.

The solution is to drive those who use our bandwidth unethically off the internet.

KilornCloudwalker wrote:Just found this out the other day... Had been getting those popups for weeks before I formatted the machine..I figured something I installed was doing it and I missed it... then it happened on a clean machine and I couldn't figure it out...shoulda just asked here forst..but yeah, killed Messenger service and its all good now...


Guess I better run a virus scan...gah...anyone recommend a good free one?

Actually Antivirus.com has a good free online scanner

Just download a trial version of one then stop by astalavista.box.sk for the crack

That sorta shit really pisses me off ... and the fact that all spam just pisses you off means you're not gonna buy shit from them ... what's the logic ? ... Bush should start a war on spam and nuke the bastards.

I hate advertising full stop. I especially hate advertisments being FORCED on me. Fuck that, and fuck them ... they're all going to a hell of eternal pyrimid scheming and penis enlargement advertisements.

Sorry about that.

What really really torques me is that I am paying for them to advertise at me...

The long term solution is to force MS to secure their PoS OS.

AniRask wrote:The long term solution is to force MS to secure their PoS OS.

Because Macs don't get spam?...

Granted Windows is riddled with holes...but filling those will not stop the use of bandwidth for Bullshit like this...Every OS is exploitable it's just a question of popularity that makes Windows flaws more commonly exploited. Make it profitable and someone will find the holes in any OS.

I wasn't referring e-mail spam though. I was referring to the popup window one. Just wait till porn people get wind of this and all of a sudden pictures of people fucking start appearing on your screen.

edit long day, nonsensical sentence correction

As has been pointed out this uses Messenger service, it's used most commonly to relay Text only information for things like printers telling you the job is done, or for simple notices like remote shutdown, or announcements, strictly a Messenger service - clicking ok just makes the box go away, and as said before, disable the messenger service, and when the spammer does his port scan it will be bounced back with no message recieved.

Nah, they can't actually pop stuff up, they can just send text that will show up in an alert dialog, if I'm thinking about this correctly. Similar to a "net send". At least that's what it appears to look like.

The only time I use microsuck windoze is for EQ.

Solaris is your god, and Linux is your daddy.

Sylvus wrote:Nah, they can't actually pop stuff up, they can just send text that will show up in an alert dialog, if I'm thinking about this correctly. Similar to a "net send". At least that's what it appears to look like.

Partially true, the messenger service can only send messages of this type.

There are a bunch of adware trojans running around that will send html adverts directly to your screen. The people running (some) banner sites try to auto install them, most aren't polite enough to ask before they do. They also track your net usage and sell the information. Hurray for spyware.

Software that blocks connections that originate externally, and those originate locally on a per application basis is about the only way to stop it. Windows scripting, ActiveX and MS based Java are all riddled with holes and not designed for security. Not to mention the MS OS's themselves.