Fog Creek Software
Discussion Board




Direct IP spam

Spam technology has reached new heights.

Has anyone heard of JetAd Pro 2003?

http://www.4vsoft.com

Apparently it spoofs a packet direct to your IP and tricks Windows into thinking it is a 'Messenger Message', and the result is a modal pop-up box displaying spam.

Does anyone know how it works and how to prevent it?

rexguo
Monday, June 23, 2003

Disable the Windows Messenging service (which is different from MSN Messenger). In Win 2K and Win XP it runs as a service. I'm not too sure how to disable it in Win 9* but a Google search should find you a couple of free utilitites that will do the trick.

Stephen Jones
Monday, June 23, 2003

This isn't all that new but is easy to defeat.  Turn off the Messenger service under the NT/XP series OSes, run a hardware or software firewall, etc.  They're using the same mechanism as "net send" from the NT/XP command line.

Doug
Monday, June 23, 2003

By the way, besides net send, does anything else use the messenger service?

Philo

Philo
Monday, June 23, 2003

There are broadcasts that can go out as administrative events (for example, the software with my UPS will broadcast to the network about the pending shutdown of my server when the power goes out).

Brad Wilson (dotnetguy.techieswithcats.com)
Monday, June 23, 2003

Put a cheap firewall in place.  Linksys, Netgear etc.  With just the default settings your machine can communicate to the web, things from the web such as this messaging are non-routable.  Then as Brad said you won't miss any important messages.

Mike
Monday, June 23, 2003

9x doesn't have the feature = you don't need to turn it off.

R C
Tuesday, June 24, 2003

Don't drive a car, ride a bicycle.

Johnny Bravo
Tuesday, June 24, 2003

Dear Johnny,
                    Why "progress" for "progresses" sake. I have never known of anybody apart from spammers use this service. It should certainly be turned off by default in XP Home at least.

                    A sysadmin may decide to use it or suggest its uses to others - one use I can think of is to let people know of viruses in emails and tell them to urgently download the updates. The sysadmin would also be able to set up the firewall. But if he's not doing it just turn it off.

Stephen Jones
Thursday, June 26, 2003

> I have never known of anybody apart from spammers use this service.

IIRC it's occasionally used by services (I forget which ones), which don't interact with the user's desktop, to send a message to the desktop within the same machine.

Christopher Wells
Thursday, June 26, 2003

*  Recent Topics

*  Fog Creek Home