this is messenger service spam. the messenger service runs by default out of the box. since it runs as a service, it is running and accepting connections before anyone logs in.
you happenned to login with the admin login, i bet if you'd done the same thing with a user account it would have been on that desktop too. those messenger spams are sent to MACHINES not USERS. this is a FEATURE not a bug or a security vuln. if you don't want these, there's TONS of info on how to stop it. turning off the messenger service/installing a firewall/not being stupid and setting up an unprotected machine while connected to the internet are all good options. -d > -----Original Message----- > From: morning_wood [mailto:[EMAIL PROTECTED] > Sent: July 16, 2003 1:12 PM > To: Martin; [EMAIL PROTECTED] > Subject: Re: [Full-Disclosure] Odd Behavior - Windows > Messenger Service > > > > I can confirm this behavior. This service is enabled on Windows 2000 > > and XP by default. > > I noticed it on my sister's PC after she clicked away 3 > advertisement > >pop-ups and growling at the PC. I think that the average user does > >not know how to disable it. > > (And btw: NO, the average MS-Windows user is NOT USING any > firewalls.) > > > > > more to the point... THERE WAS NO LOGIN PERIOD > this was a fresh install.. waiting at the login prompt.. the > pop up was > there before any user ( admin ) settings initialized or login > took place. > once again.. this is out of the box install following all prompts, no > sharing etc. ( only setting computer name and workgroup > )reboot.. sit at > login prompt.. login.. pop up was waiting on an uninitialized > desktop.. > this is my question / issue... NOT my personal security or lack of > knowlege about basic networking / security. > disabling the service is easy, im reporting on default out of the box > behavior, not how to get rid of it or protect myself. > please all.. re-read my scenario... > > donnie > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.netsys.com/full-disclosure-charter.html > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
