Security → Re: Source of Win PopUP SPAM - prevention steps

In a further update on this...I did a IEEE OUI lookup on the MAC addresses...they come back as 'VMWARE'...that makes more sense now...these appear to be Linux boxes running VMWARE (Windows Emulation software).

Also, make sure you check the link I included in my write up:

»www.hsc.fr/ressources/br ··· .en.html

This is one of the best, step-by-step guides I've seen to shutdown all the nonsense ports that MS opens by default.

If you're actually getting these popups, that means you exposing services that you shouldn't be...and where is your firewall?

Thanks for all the responses...

I'm curious on people's opinion as to if this kind of SPAM could be considered a violation of the law?

Does leaving Messenger enabled and dangling on the Internet give someone the right to jam a popup at it?

Please don't just rant about this (we all hate SPAM), state your case and provide precident.

I have to give them credit, I was thinking about using this technique to notify owners of hacked hosts....

I don't think there is anything illegal about this form of spam yet. It's not a fax or email. It doesn't take up space on your harddrive (unlike email) and some argument can be made that if this is spam, then popup ads in general are spam.

What this really is, is another Micro$tinker Security Blunder. ie: Lets add another feature! How secure is it? Well, it'll work every time!

said by NetWatchMan:

---

I'm curious on people's opinion as to if this kind of SPAM could be considered a violation of the law?

Does leaving Messenger enabled and dangling on the Internet give someone the right to jam a popup at it?

Please don't just rant about this (we all hate SPAM), state your case and provide precident.

I have to give them credit, I was thinking about using this technique to notify owners of hacked hosts....

---

What's your description of Spam? Mine is, as copied from »spam.abuse.net/overview/ ··· am.shtml :

Spam is flooding the Internet with many copies of the same message, in an attempt to force the message on people who would not otherwise choose to receive it.

Using this technique is no different to me than any other method of delivering something to my system without my OK. If they had said that that was what was going to happen be having this tool available and allowed me to decide if I wanted to use it on my system, fine. Since they didn't, it isn't any different than anything else that someone chooses to drop on me without my knowledge.

However, if you were to use a tool of this sort to notify owners of hacked site and did so with their knowledge and permission, then you are not Spamming. You are using a tool for the good of both of you. Big difference.

Plain and simple, if there is such a thing, it is most definitely Spam and by my definition, illegal. I suppose the legal beagles can tear my feelings in shreds on the legal description, but as I am not an attorney, I will not go into the technicalities and will let someone else do so.