I just got another new comp- they replaced the old one on mfgr's warrenty. Yes, Hewlett Packard seems to suck. Anyhow..

Fade had told me a way to get rid of the message popups and it is on my old computer so I don't have access to it. So, could anyone tell me how to disable the popup messages. I have Windows XP and Aol hell.

Also, I keep getting these IM requests from porn sites such as Ambercam etc., can anyone tell me how to disable these without disabling other people that I chat with on non AOL IM's?

Thank you!

Originally posted by Denise
I just got another new comp- they replaced the old one on mfgr's warrenty. Yes, Hewlett Packard seems to suck. Anyhow..

Fade had told me a way to get rid of the message popups and it is on my old computer so I don't have access to it. So, could anyone tell me how to disable the popup messages. I have Windows XP and Aol hell.

Also, I keep getting these IM requests from porn sites such as Ambercam etc., can anyone tell me how to disable these without disabling other people that I chat with on non AOL IM's?

Thank you!

There are a lot of free pop up stoppers you can use. I use pop-up stopper, available from http://www.panicware.com

If you're talkiing about actual message pop-up type messages (not the IE popups you get when visiting web pages, but actual messages coming up on your PC) you can stop these by disabling the Windows messaging service. HOWEVER....you're masking the true problem, which is the fact that your machine has ports open that allow this. Downloading a good firewall such as Zone alarm (http://www.zonelabs.com) would be a good start. Windows XP has a built in firewall but trusting Microsoft with my security always makes me a little queasy.

K, installed Zone Alarm. Hopefully it will help. Can I pm you if I have probs?

Originally posted by Denise
K, installed Zone Alarm. Hopefully it will help. Can I pm you if I have probs?

Surely.

Originally posted by ShowMe
If you're talkiing about actual message pop-up type messages (not the IE popups you get when visiting web pages, but actual messages coming up on your PC) you can stop these by disabling the Windows messaging service. HOWEVER....you're masking the true problem, which is the fact that your machine has ports open that allow this.

I disagree that disabling the Messaging service (NOT the same as MSN Messenger, BTW) is "masking the true problem." While you absolutely should be running a fireqall such as ZoneAlarm, you should also "harden" your systems, which means disabling services like Messenger that you don't need.

Multiple layers of protection is crucial to security.

http://www.mozilla.org

Originally posted by shanek


I disagree that disabling the Messaging service (NOT the same as MSN Messenger, BTW) is "masking the true problem." While you absolutely should be running a fireqall such as ZoneAlarm, you should also "harden" your systems, which means disabling services like Messenger that you don't need.

Multiple layers of protection is crucial to security.

If all you do is disable the service to get rid of the pop-ups, then you're masking the true problem. It's kind of like turning off the alarm when something is wrong.

Optimally a system should be hardened, but most users don't have the knowledge to go that in-depth. Even in your post you had to differentiate between the Windows messaging service (which we both referenced) and Windows Messenger. Two very different services to people that are familiar with PC's, yet many folks would say they're the same thing.

With the general population, if you can convince them to run a firewall, use safe passwords (and guard them!), use antivirus software & keep everything updated and patched....you've eliminated 95% of the problems.

Originally posted by Denise
Also, I keep getting these IM requests from porn sites such as Ambercam etc., can anyone tell me how to disable these without disabling other people that I chat with on non AOL IM's?


Ummm....forward them to me. I'll tell those people to stop bothering you. Yeah, that's it.

I use Sygate, it seems to work and it's free.

Originally posted by Denise
Also, I keep getting these IM requests from porn sites such as Ambercam etc., can anyone tell me how to disable these without disabling other people that I chat with on non AOL IM's?
I notice using chat rooms increases the number of IMs you get from solicitors (visiting naughty naughty porno sites increases those IMs also...).

You can try adding them from your ignore list. On your Buddy List, there is a button that says "Setup". Go to Setup > Preferences > Privacy and add people to your ignore list there.

You could also choose the "Notify AOL" button... although they dont really do much...

I'm not inundated with these IMs, I just try to ignore them (although they are a nuisance).

Originally posted by arcticpenguin
http://www.mozilla.org

Indeed. Try switching browsers. Besides being superior to IE in every conceivable way, Mozilla comes with a built-in pop-up blocker, plus you can download a mouse-gestures add-on.

Originally posted by ShowMe


If all you do is disable the service to get rid of the pop-ups, then you're masking the true problem. It's kind of like turning off the alarm when something is wrong.

--snipped--


Not true. When you disable Windows Messenger service there's no way a message over the net can show up on your computer. The true problem is in fact the messenger which is used to send messages over the network (internet in this case).

You're not turning off the alarm, you're permanently closing the door. :p

If you don't know how to shut down the service yourself, you can go here (http://grc.com/stm/shootthemessenger.htm).

grc has a lot of other good security related testing and blocking programs here (http://grc.com/default.htm). I'd recommend running the ShieldUP test to make sure your firewall is properly configured.

Originally posted by Cain
Indeed. Try switching browsers. Besides being superior to IE in every conceivable way, Mozilla comes with a built-in pop-up blocker, plus you can download a mouse-gestures add-on.
But neither of the questions asked related in any way to the browser being used. Using Mozilla is all well and good, but it's nothing to do with messenger popups or AOL IMs.

For the record, I use Opera at home and IE at work. I don't ever understand how people praise Mozilla so. It's a great concept, and many parts of it are good - I always cater for it when developing, which I never did with NS4 - but it's certainly not better in every way than IE. At least not for the average user.

Cheers,
Rat.

Originally posted by ImpyTimpy


Not true. When you disable Windows Messenger service there's no way a message over the net can show up on your computer. The true problem is in fact the messenger which is used to send messages over the network (internet in this case).

You're not turning off the alarm, you're permanently closing the door. :p

But the PORT that allowed the message to get through in the first place is still open, which is a security problem.

It's not closing the door. It's putting in earplugs so you don't hear the people coming in.

Originally posted by ShowMe
It's not closing the door. It's putting in earplugs so you don't hear the people coming in.

Actually, it's more like closing and locking the door, but shouting "Nobody's home!" whenever someone rattles the doorknob.

By the way, if you turn off ALL of your unneeded services, you'll not only be more secure, your computer will be faster, too! Find out how to do so here if you have Windows XP (http://www.blackviper.com/WinXP/servicecfg.htm) and here if you have Windows 2000. (http://www.blackviper.com/WIN2K/servicecfg.htm)

Of course it's still open. But what does "open" mean. It means if there's something listening on that port, it will pick it up and if it can be overloaded (malformed message sent) it can be exploited.

Since messenger is no longer listening (it's dead), nothing happens. The message is never received.

To put it into an analogy, a person comes and knocks on your door but since nobody is home, the door never opens. :)

Originally posted by ShowMe


But the PORT that allowed the message to get through in the first place is still open, which is a security problem.

It's not closing the door. It's putting in earplugs so you don't hear the people coming in.

Originally posted by Cain


Indeed. Try switching browsers. Besides being superior to IE in every conceivable way, Mozilla comes with a built-in pop-up blocker, plus you can download a mouse-gestures add-on.
Lots of people seem to have a real hard on for Mozilla, however I am not one of them. I have tried Mozilla a couple of times and it never worked properly from the minute I installed it. IE on the other hand, works great and is virtually error free.

Some pop-up news, from Yahoo and Reuters: (http://story.news.yahoo.com/news?tmpl=story&u=/nm/20030908/wr_nm/tech_popups_dc_5)Judge Rebuffs Legal Challenge to Pop-Up Ads

A federal judge has rejected a legal challenge by truck and trailer rental company U-Haul to pop-up Internet advertisements, in a ruling that could embolden providers of the ads.
...
"This is a victory for consumer choice -- it ultimately protects consumers' right to control what they see on their computer screens," WhenU chief executive Avi Naider said in a statement.
Is that my irony meter pinging?

Originally posted by ImpyTimpy
Of course it's still open. But what does "open" mean. It means if there's something listening on that port, it will pick it up and if it can be overloaded (malformed message sent) it can be exploited.

Since messenger is no longer listening (it's dead), nothing happens. The message is never received.

To put it into an analogy, a person comes and knocks on your door but since nobody is home, the door never opens. :)



Messenger spam works on ports 139 (NetBIOS) and 135.


If NETBIOS is open on your system, and you're on the Internet, you're incredibly vulnerable. Turning off the messenger service does not close this port, a port that has NO NEED to be open to the Internet.

Chances are you will need to close port 139 if you're getting messenger spam. Just shutting down the messenger serivce is masking the true problem, which is port 139 being open.

I won't go into the exploits that are available if netbios is open; if you're interest Hackming Exposed 3rd edition is a good read. Suffice it to say that it's not yelling "nobody's home", it's saying "Go ahead and take anything you want, I'll just ignore you as you sify through my things".

I think these analogies are probably confusing more people than they're helping. Let me explain very simply how all this port stuff really works:

Let's say someone wants to send you a popup message. They go to the Net Send command, put in your IP address, type the message, and off it goes.

The first thing that happens is that TCP (the Transmission Control Protocol) sends what's called a SYN (request for synchronization) packet. This packet is sent to your machine on port 139. If the Messenger Service (or any other service, for that matter) is running on port 139, then your computer will send back a SYN/ACK packet, which acknowledges the request for synchronization. The first computer sends back an ACK packet acknowledging it. The computers are now connected and the message can be sent.

If the Messenger Service (nor any other service) is NOT running on port 139, then when your computer receives the SYN request it sends back an RST (reset) packet. It's basically saying, "Nobody's home!" when someone is knocking. Your computer is letting the sender know that nothing is running on that port, but it is letting them know your computer exists and may have other services running on different ports. If you've ever tried to access a website and received a message like, "Connection reset by peer," this is what is happening. The web server itself is down, but the box it's on is still up and running.

A firewall will stop the computer from sending anything back. The packet will go out into oblivion, never to return. The sending computer, after a certain amount of time, will determine that there must not be any machine there. This is the most secure setting as it's not even acknowledging the existance of your machine on the internet.

Here's a great page explaining all of this:

http://grc.com/su-firewalls.htm

True, I stand corrected. I just checked it up and messenger spam attempts to connect to 139 first. Having NetBIOS exposed to the net is not a good idea.

Originally posted by ShowMe


Messenger spam works on ports 139 (NetBIOS) and 135.


If NETBIOS is open on your system, and you're on the Internet, you're incredibly vulnerable. Turning off the messenger service does not close this port, a port that has NO NEED to be open to the Internet.

Chances are you will need to close port 139 if you're getting messenger spam. Just shutting down the messenger serivce is masking the true problem, which is port 139 being open.

I won't go into the exploits that are available if netbios is open; if you're interest Hackming Exposed 3rd edition is a good read. Suffice it to say that it's not yelling "nobody's home", it's saying "Go ahead and take anything you want, I'll just ignore you as you sify through my things".

Originally posted by shanek
By the way, if you turn off ALL of your unneeded services, you'll not only be more secure, your computer will be faster, too! Find out how to do so here if you have Windows XP (http://www.blackviper.com/WinXP/servicecfg.htm) and here if you have Windows 2000. (http://www.blackviper.com/WIN2K/servicecfg.htm) Thanks for this. It was a real help.

The other day I decided I should finally get some kind of protection on my gateway computer (running Windows 2000). I tried Zonealarm and a couple of others and they all broke my Internet Connection Sharing.

Eventually I found a free (for personal use) packet filter called CHX (http://www.idrci.net/idrci_products.htm). If you know what you're doing, it's great. It won't tell you which programs are trying to access the internet or run servers, but it's a simple way to block all incoming traffic which affecting your outgoing traffic (or your Internet Connection Sharing).

They also have a NAT product that can replace Internet Connecting Sharing (I haven't done this yet, but I probably will).

David

Originally posted by shanek
Multiple layers of protection is crucial to security.

I use a single layer of Macintosh OSX, and the free Safari browser with PithHelmet to block ads..

:)

No security issues. No viruses. No pop-ups. When I say none, by the way, I mean none.

I also see relatively few ads, banners or other nuisances. They get caught by my Pith Helmet, and it's like they never existed in the first place. They don't even show up as ugly blanks, they're just gone.