To me, that means that either the box was connected to the 'net without
a firewall or being locked down, or
someone on your LAN is spamming, either knowingly or unknowingly.

Don't know why you posted this to every bug list in the known world, as
it seems like a misconfiguration, not a bug.
In this particular case, you will deserve the flames.

Benjamin Meade
System Administrator
LanWest Pty Ltd


-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED] On Behalf Of
morning_wood
Sent: Wednesday, 16 July 2003 5:37 PM
To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
[EMAIL PROTECTED]; 0day
Subject: [Full-Disclosure] Odd Behavior - Windows Messenger Service


Donnie Werner
[EMAIL PROTECTED]
July 16, 2003

Windows® networking (TCP) and messenger service are both initialized
before any user/admin login has taken place, and are remotely accessible


odd... setting up default XP box in DMZ  I complete the install setting
up networking ( dhcp ) and ( workgroup ) only one passworded
administrator account as prompted by the installation media.... reboot.
I leave box unattended for approx 30 minutes at the login screen... Upon
successful passworded login, a message-ala-windows messenger service is
displayed.. ( damn spammers )

BEFORE THE DESKTOP !!! and before anything ( except wallpaper ) has
initialized


here is output from a remote nbtenum session before a successful login
of a freshly booted XP box

Network Adapter
    Adapter: \Device\NetbiosSmb
    MAC Address: 000000000000
    Adapter: \Device\NetBT_Tcpip_{D36A0C7D-1EC4-417E-9A7C-DF4F13AF9D4C}
    MAC Address: 00A0CC397071
Logged On Users
    Username: 333\BITCHBOX$
    Logon Server:
Share Information
    IPC$
    ADMIN$
    C$

dunno if this particular behavior has been observed before ( I'm donning
Nomex® for the flames )

Donnie Werner
http://exlpoitlabs.com




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
