[lug] linux firewall, popup windows spam blocking
Geek Boi
chutchin at earthlink.net
Sun Jun 22 00:01:20 MDT 2003
On Saturday 21 June 2003 01:39 pm, D. Stimits wrote:
> It seems that www.byebyeads.com is illegally violating Colorado spam
> laws (and probably newer national laws), and fraudulently claiming on
> their web page that their spam is legal. They seem to believe this
> because they are using the windows pop-up message service, rather than
> email. I know because they caused an application to crash by popping up
> such a message while an application was loading, and somehow managed to
> break the screenshot mechanism at the same time.
>
> What I'm wondering is if anyone knows what I can block on my linux
> firewall to block popups from other networks? Are these popups UDP or
> TCP? What port or ports are used? I already have 137:139 blocked, and
> some others. I even have zonealarm firewall on the windows machine
> itself, but it still allowed this popup. I'd like to totally remove this
> remote ability via the linux end, as nothing related to security on
> windows can be trusted.
Unless you have a specific need for the windows messenger service you should
disable it on all boxen that can be reached from the internet. On NT 4.0 you
go to control panels, services. In 2000 you go to computer manager and
select services in the MMC window. This is the mechinism by which they are
spamming your windows Boxen. I would turn it off and see if you can get the
ups to generate an error message anyway. Most applications do not use the
messenger service to create your error messeges unless you want them to
"popup" on a different computer.
--
chutchin at earthlink dot net
More information about the LUG
mailing list