 
BlitzenZeus
Burnt Out Cynic
Premium,MVM
join:2000-01-13
Beaverton, OR | Shoot the messenger, and hide the problem The fact is services will still be listening, and we all know that many people will still run without a firewall so services will continue to be exploited. | |
|
 | 
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| Re: Shoot the messenger, and hide the problem There's no 'one solution' to this. This is a good idea, period. It's not a patch to fix specific vulnerabilities (there are patches already for the known vulnerabilities), but this is what should have been the default, all along (at least, with Messenger).
It's simply bad practice to have a network enabled service running by default that almost no one uses legitimately, whether there are known 'exploits' against it, or not. Those who get the update that turn Messenger off will also be getting updates that patch known holes in it, but it should STILL be turned off for most of those people, anyway.
--
Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics! | |
|
| |
BlitzenZeus
Burnt Out Cynic
Premium,MVM
join:2000-01-13
Beaverton, OR
 ·Verizon FIOS
 ·Verizon Online DSL
| Re: Shoot the messenger, and hide the problem Then why haven't they disabled rpc/dcom from listening on any connection? Its much more dangerous than messenger, messenger spam was just annoying, the rcp/dcom services allowed exploits to enter your computer.
What about netbios being enabled by default on any network adapter including modems?
--
My hourly rates:
$25 per hour.
$35 per hour if you want to watch.
$45 per hour if you want to help.
$75 per hour if you tried to fix it, and failed.
[text was edited by author 2003-10-29 15:16:17] | |
|
| | | davidnix71
join:2003-06-17
Fort Lauderdale, FL |  Re: Shoot the messenger, and hide the problem
| |
|
| | 
Sady
Fenway Fanatic
Premium
join:2000-10-07
Ludlow, MA | It's about time they defaulted to enable the firewall. Think of the newbies out there who don't have a clue.
--
»www.sadynow.comHome Improvements/computer repairs | |
|
| | |
BlitzenZeus
Burnt Out Cynic
Premium,MVM
join:2000-01-13
Beaverton, OR | Re: Shoot the messenger, and hide the problem And how many of them do you think will disable it when they can't figure out how to use it? Its more than you think... | |
|
| | | | 
Boogeyman
Drive it like you stole it
Premium
join:2002-12-17
Huntsville, AL
| Re: Shoot the messenger, and hide the problem It is already enabled by default on many OEM installs. Its basically useless anyway, my cousin got a new Dell with XP Pro, and when I scanned her, she still had tcp ports 1025 and 5000 open and just about every UDP port. So I told her to download ZA and the next time I scanned her, there was nothing. The built in "firewall" is useless. It may block a few ports, but it lets just about everything that asks through without letting you know about it.
--
what doesn't this button do? | |
|
| | | |
| | | 
dvd536
as Mr. Pink as they come
Premium
join:2001-04-27
Phoenix, AZ
| said by Sady  :
It's about time they defaulted to enable the firewall. Think of the newbies out there who don't have a clue.
Just think about all the support calls they will be getting after the average n00b upgrades to next service pack which is why they just turned everything on by default in the first place.
--
You can never be too rich, too thin or have too much Bandwidth | |
|
| brianiscool
join:2000-08-16
Miami, FL | You call that a solution? Next spammers will create exploits via websites to disabled the Microsoft firewall which will cause bigger problems in the future! Do they even think about the outcome of doing this? | |
|
ArchAngel21x
MacFan Pro
Premium
join:2001-10-28
Lincoln, NE | The Future So does this mean we will eventually get to the point where we are shutting down all our services and sacrifice functionality for security?
--
Death Is Irrelevant. | |
|
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| Re: The Future In a roundabout way, that's exactly the point.
Computer Security 101: disable ALL services/processes/programs/etc that you don't need. By default, operating systems should come with uncommonly used services turned off (or not installed at all). Windows 2000 and XP just have too many things running by default, and I still don't think Server 2003 gets it entirely, 100% right yet, either. Those who need the Windows Messenger service can easily figure out how to turn it on.
This is a good idea, but it's a day late and a dollar short.
--
Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics! | |
|
| 
TwoCpus4me
join:2003-10-16
| Irony.
Years of development to make PC's easy to hook up and share and use with lots of stuff to make your life easier, and now that we can, we have to go backwards and start turning all that stuff off.
Our PC's now require mainframe-style security just so you can send email and share printers.
They need to start frying people that hack systems and introduce spyware. | |
|
| |
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH
| Re: The Future said by TwoCpus4me :
They need to start frying people that hack systems and introduce spyware.
I agree there, assuming you are figuratively speaking. That is, of course, easier said than done.
But this isn't exactly a change that's going to result in anyone 'going back'. The thing is, anyone who even knows what Windows Messenger is - and certainly anyone who needs to use it - knows how to switch it on or off.
The trick to all this stuff on computers to 'make your life easier' is that 90% of us don't use 90% of those features. There's nothing wrong with that... computers today are made to be used for a broad range of purposes, so there's going to be a lot of people who simply don't need everything their computer offers.
And it's a well-known security basic that you don't activate services that you don't need. Not only security, but performance, too, benefits by turning off things you don't need.
--
Windows, Mac, Linux, BSD - just use the right tool for the right job... end the OS Politics! | |
|
| | | 
Omega
Displaced Ohioan
Premium
join:2002-07-30
Cheyenne, WY
clubs:  | Re: The Future It isn't Windows messenger they are turning off, they are turning off messenger service.
control panel->admin tools->services->messenger.
--
"The doctor's X-Rayed my head and found nothing" | |
|
| | | | 
Shiznizfiz
@eli-du.nwl
| Re: The Future Messenger-"Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will NOT be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start."
Just disable it and spam will cease to exist..problem solved.
worked for me. | |
|
| | | | | |
| | | | | BosstonesOwn
join:2002-12-15
Everett, MA
clubs:
 ·Comcast
| said by Shiznizfiz:
Messenger-"Transmits net send and Alerter service messages between clients and servers. This service is not related to Windows Messenger. If this service is stopped, Alerter messages will NOT be transmitted. If this service is disabled, any services that explicitly depend on it will fail to start."
Just disable it and spam will cease to exist..problem solved.
worked for me.
Some machines freeze or lock up even if they have disabled this service. It's a very poor service implementation.
--
This package does not contain a winner... | |
|
| | |
ArchAngel21x
MacFan Pro
Premium
join:2001-10-28
Lincoln, NE
·Internet Nebraska
| quote:
And it's a well-known security basic that you don't activate services that you don't need.
Ok, that works for people who don't need to use the services that have security holes. As soon as you need a service with a security problem, IIS for example, what do you do?
For those of you who would suggest Linux, suppose that's not an option.
--
Death Is Irrelevant.
[text was edited by author 2003-10-29 15:12:04] | |
|
| | | |
| | aaffooxx
join:2003-10-28
Afton, TN
| > They need to start frying people that hack
> systems and introduce spyware.
I have been saying this for ever but every time this happens, the government or industry gives the scum bag a high paying job in data security. Just think about it... Hack into and commit worldwide data havoc and get a high paying job as a result. | |
|
| 
StudioTech
S2409W plus SA4250HD
join:2001-10-10
Edison, NJ
| said by ArchAngel21x :
So does this mean we will eventually get to the point where we are shutting down all our services and sacrifice functionality for security?
Only the services that are actually needed. Too many services are started by default which is why they are so many open ports on a default NT/2000/XP system. | |
|
| |
| |
| |
Sady
Fenway Fanatic
Premium
join:2000-10-07
Ludlow, MA | Re: The Future Well said | |
|
| 
2kmaro
Think
Premium,ExMod 1 BC
join:2000-07-11
ColossalCave
clubs:
| Yes and no. If you look at the "policy" for their Server 2003 line, it is one of deliver it closed up and "secure" out of the box and then let the end user open up what they need.
This really should have been the way things were all along. No reason (other than added bloat to the files on your hard drive) that they cannot have helpful information and Wizards to turn on/off services available. The helpful information needs to explain why/what/how/risks and then provide an easy one-button on/off function for the neophyte users (and me).
Some things probably do need to be ON by default: their built in firewall being one of those. As discussed in a recent PC Mag article, unless you have some kind of firewall in place, you can end up infected with something like MS Blaster, or whatever comes next month, while just going to the Windows update file to get protected from things like Blaster.
There probably also ought to be a listing, in plain wording, telling what services are available, which are in operation, and which are not --- something like the list of software in the Add/Remove list.
I foresee many new visitors to our Microsoft Help forum if things like that aren't included with their new strategy.
--
"The greatest dangers to liberty lurk in insidious encroachment by men of zeal, well-meaning but without understanding." Supreme Court Justice Brandeis (Olmstead vs US, 1928) | |
|
| Plldwnyrpnts
join:2003-04-19
Chicago, IL
| My thoughts exactly. I'm upset that the DoHS got into the fold when msblast came out calling for all ISPs to block ports. Ports our I needed open. Now I have to waste more money on technology that really isn't necessary just to continue with the same (somewhat) functionality.
For those of us that use the services to perform certain functions or monitor certain activities, it becomes a burden. But I guess for us few it's too bad so sad. | |
|
| 
Hayward
K A R - 1 2 0 C
Premium
join:2000-07-13
Key West, FL
| said by ArchAngel21x :
So does this mean we will eventually get to the point where we are shutting down all our services and sacrifice functionality for security?
No it will mean what it should have been to begin with, you have TURN ON services that put you at risk... hopefully with you knowing before hand.
Of course this might mean M$ might have to actually fully DOCUMENT WINDOZE... something they have NEVER done to date.
--
»haywardm.com (Hayward's Key West)
[text was edited by author 2003-10-30 01:27:23] | |
|
| | phrizz
join:2003-07-16
Riverside, CA
| Re: The Future said by Hayward :
M$
thats cool how you use an '$' in place of the 'S', pure brilliance!! | |
|
| 
tuaris
You Clicked on the Apple
join:2001-10-19
Naples, FL | What do you want then? | |
|
bmn
? ? ?
Premium,ExMod 2003-06
join:2001-03-15
hiatus
| Music to "comission paid" techies ears... quote:
Microsoft plans to turn the spam exploited messenger service off, and turn their Internet Connection Firewall on by default in the next XP service pack.
Caller: "Hi, yes, I just update Windows XP and now I can't log into the network..."
Techie: "Microsoft enabled the firewall by default in the recent service pack. You'll need to disable the firewall. First, go to..."
Several minutes later (after trying to talk the user through it).
Caller: "Why don't you just come out and fix it for me ?
Techie: "Sure, but you do realize its $95/hour and you are charge one hour just for me showing up ?"
Caller: "Yep."
Techie: "Okay, see you in a few minutes."
And yes, this is a true story... Guy paid to have his XP firewall disabled.
--
Male by birth... Geek by choice. -- The suffered is the learned... | |
|
|
Marilla
I Am My Own Arbiter
Premium
join:2002-12-06
Belpre, OH | Re: Music to "comission paid" techies ears... Contrast that with the cornucopia of calls related to Blaster... | |
|
| 
The Folsom
Kindly Shut Your Noise Hole.
Premium
join:2003-01-31
Yucaipa, CA
·Verizon FIOS
| I have TONS of customers like that. I'll offer to walk them through it as a good customer service effort (yes, we DO exist), and 9 times out of ten they do not want to be bothered or they want to make sure it's done right. They don't even want to learn about some of the more "advanced" features of their computer's security features which I have either set up for them or have installed.
I have explained this as part of being "upfront" with them, so it's not like I'm ripping them off by selling them a service which they do not need. My clients refer me to their associates because they trust me.
I love Microsoft because they are providing me with job security. As long as they do what they do the way they do it, I will always be able to charge what I charge.
Now, I'm not saying that Microsoft is the best or the worst, but I know their OS's pretty well and my clients typically cannot be bothered to learn them. More $ for me.
--
The early bird gets the worm, but the second mouse gets the cheese. »www.prepaidlegal.com/info/kfolsom | |
|
| | nateerb
join:2002-07-17
Milwaukee, WI
| Re: Music to "comission paid" techies ears...
I also approach customers as you do in an upfront manner, and never charge if I can walk someone through a problem in a few minutes. But change scares the users and they'll pay the going rate to have someone come out. I almost have to feel guilty for charging what I do to sit on my ass and do a "Windows Update", but it's the going rate.
I guess I gotta say MS has been pretty good to a guy like me. Keep up the good work MS, and get XP-SP#2 out there - I'd like to buy my girl a fat diamond.
-Nate Erb | |
|
| gnubeest
Gnu
join:2001-10-28
Nashville, TN
| Heck, we get paid no matter which way it goes. I get calls out the wazoo for whatever trojan/worm/virus is floating around at the time that people can't seem to lick (especially panicked calls from XP users that turn out to be System Restore trapping a virus). Now I'll start getting calls about applications not functioning properly after MS neuters the defaults. As has been mentioned, a lot of this stuff people can be walked through, but most are too timid to even try and would rather shell out dough than bother with it, no matter how simply you can instruct them. Having done this sort of thing most of my life, I can't imagine how intimidating it all can be. Most end-users out there don't even know what a firewall is, much less how to set it up.
It's a shame ... we can add all the usability in the world, but as we also expect our PCs to do much more every year we're still going to have a hard time educating people on how to make things work reliably and safely. Firewalls aren't the most vital element of security for the average Joe -- making them realise the utter importance of vigilant antivirus and OS updates is, which are usually the most overlooked elements. | |
|
RickNY
Premium
join:2000-11-02
New York
| What about corporate users?I certainly hope the corporate version of XP SP2 doesn't turn Messenger off and the firewall on.. We're already behind a Cisco firewall, and turning the XP firewall on starts havoc with our HFNetChk scans and patch pushes.
--
"You're depriving a village somewhere of an idiot." | Do you, uh, Google? | |
|
|
See 6 replies to this post |
|
zoom314
Superman
Premium
join:2001-04-30
Yermo, CA
| Hull Plating is energized Well I have the messenger part already turned off and the firewall is on. So My Hull Plating is energized.  And sometime today or tommorrow Charter is upgrading Me to 384/128k, Hopefully though I won't have to evacuate from this part of Hesperia, I'm north of Ranchero road, South of that road evacuation is mandatory, Mainly cause of the Fire in the nearby mountains south of Hesperia California.
--
Charter Pipeline rules in Hesperia, CA, Verizon (ex-GTE) sucks..... | |
|
|
| 
sycocowz
join:2002-06-13
Ottsville, PA
·RCN CABLE
| Re: Funny thing to do with messenger! on time last year a kid did that at my school and got in a lot of trouble because the computer names were school#_room#_computer#,
so they could just go to that room and ask the teacher who was using that computer
[text was edited by author 2003-10-29 17:57:22] | |
|
|
| 
PloKoon
Bumper Sticker Doctrine
join:2002-01-06
Cherry Hill, NJ
| Re: So XP messenger is disabled but what about... said by exocet_cm :
...the other like 5 versions of windows? So they solved a problem for one version, but it still exists for other versions...
Actually, no. The service doesn't run by default on win9x systems (a la winpopup.) That leaves NT & 2000, which aren't nearly as prevalent with home users as XP.
--
slow toad!
| |
|
gruggni
Oxygen Gets You High
join:2003-07-28
Corpus Christi, TX
| Easy of use Windows OS is suppose to be easy to use. Security and "ease of use" don't mix, similar to military intelligence. Now they finally wake up. "Ease of Use" also means Easy to screw up. Virus writers enjoy these easy to screw up OSes. Windows is not a secure OS and they are just getting it. Better late then never, but I think it is way too late. Windows OS is for entertainment, always has been and always will be. All in one OS it's not. Extra features and services are bad, but they sure dazzle the eye.
--
When I read about the evils of drinking, I gave up reading. --Henny Youngman | |
|
| 
rjackal
R.I.P Colin McRae 1968-2007
Premium
join:2002-07-09
Plymouth, MI
clubs:
| Re: Easy of use said by gruggni :
Windows OS is suppose to be easy to use. Security and "ease of use" don't mix, similar to military intelligence.
Seems to me that Mac OS X is secure AND easy to use..(shrug)
Microsoft can stick their service pack where the sun don't shine. I've been downloading patches about every 2 weeks to repair God knows what, and I'm not going to download another 50MB SP to turn on a firewall I don't need and disable a service that I've already turned off manually.
--
World Rally Wrules! | |
|
| | phrizz
join:2003-07-16
Riverside, CA
| Re: Easy of use said by rjackal :
said by gruggni :
Windows OS is suppose to be easy to use. Security and "ease of use" don't mix, similar to military intelligence.
Seems to me that Mac OS X is secure AND easy to use..(shrug)
I'm sure that has NOTHING to do with the fact that only something like 10% of users have a mac, so why the hell would you bother making a worm for a machine nobody has?!?!?!?!?
security through obscurity isnt something to brag about | |
|
Sysadmin
NoBama
Premium,MVM
join:2000-07-07
Sacramento, CA
·Pacific Bell - SBC
| Admin nightmares! If they plan on doing this to the Pro version I can see this causing issues on a corporate LAN.
Lets see, I push out the Service Pack and the system reboots and no longer can be accessed remote by the Admin due to the firewall being activated. The Admin then has to go to each machine and disable the firewall and possibly enable the Messenger service if it is used to notify users of servers being rebooted, virus updates, etc...
I'm getting a headache just thinking about it.
--
Join BroadbandReports.com Team Starfire SETI@Home
Put your unused clock cycles to work! | |
|
| 
pleekmo
Triptoe Through The Tulips
Premium
join:2001-09-14
Manchester, CT
clubs:
| Re: Admin nightmares! said by Sysadmin :
If they plan on doing this to the Pro version I can see this causing issues on a corporate LAN.
Lets see, I push out the Service Pack and the system reboots and no longer can be accessed remote by the Admin due to the firewall being activated. The Admin then has to go to each machine and disable the firewall and possibly enable the Messenger service if it is used to notify users of servers being rebooted, virus updates, etc...
Let's see... Preparation!
Anticipating this scenario, perhaps you could create an update beforehand which turns on all the machines' firewalls, updates the firewalls to settings which will allow the machines to access the admin computer when the firewall is on (you will have to experiment, I think, with a small subset of your network to achieve this effect), then turns off the firewall.
Then when you wish to implement SP2 and you know that the patch turns the firewall back on, you will have this update to implement before SP2 and another handy prepared update ready afterward to turn the firewalls back to their previous tabula rasa state and then turn the firewalls back off.
Did I mention preparation?
--
Only in America if it takes too long for a killer to die, you can't execute him that way and if it took less than 30 seconds for the victim to die then you can't use capital punishment against the killer. What a country... | |
|
Da22in
Buck Fush
join:2002-06-10
Charlotte, NC
clubs:
| ICF - the one way street Keep in mind that Internet Connection Firewall is only one way...blocks incoming and does nothing for outgoing. So all these friggin'' trojans/worms can still call home for a nice DDoS attack or other function. I don't bother with ICF, it's not on and when SP2 is released you can bet your arse I'll be turning it off again.
--
"The power of accurate observation is frequently called cynicism by those who don't have it." - George Bernard Shaw | |
|
| 
reub2000
Premium
join:2001-12-28
Evanston, IL
| Re: ICF - the one way street Yep, all of us dslr users will probably be turning it off and using za. The aohellers won't know what it is, won't know it's enabled, and won't be spreading the next msblaster. It's better than nothing. Think an aol user would know to get za? Do you think they even know what za is?
[text was edited by author 2003-10-29 22:47:47] | |
|
jsouth
Jsouth
join:2000-12-12
Wichita, KS
|  Yawn
| |
|
Spazmoto
Dark Flow
join:2003-08-22
| Shoo... Good thing AOL turned it off already.
Unbeknownst to almost every user of AOL...When you install, the AOL software turns it off. Scary that they can just go in and change your stuff without telling you. Millions of XP IMers turned off and hardly anyone knows. Granted XP IM is useless and a gaping spam and probably hack hole. But still, you'd think they would at least tell you they did it.
Oh, and you can use AOL through the firewall...
--
»www.icantlose.com | |
|
amdace
BOHICA
join:2001-02-02
Novi, MI
clubs: | Proactive Just a quick note....Dell is now shipping XP Home systems with messenger disabled. | |
|
|
|
|
·