Re: CRIME MS Messenger Vulnerability

From: Seth Arnold (sarnold@private)
Date: Wed Sep 10 2003 - 16:03:08 PDT

Next message: Jeff Bryner: "Re: CRIME MS Messenger Vulnerability"

Previous message: Solomon, Charlie: "CRIME MS Messenger Vulnerability"
In reply to: Solomon, Charlie: "CRIME MS Messenger Vulnerability"
Next in thread: Alan: "Re: CRIME MS Messenger Vulnerability"
Next in thread: Jeff Bryner: "Re: CRIME MS Messenger Vulnerability"
Reply: Alan: "Re: CRIME MS Messenger Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Wed, Sep 10, 2003 at 01:48:15PM -0700, Solomon, Charlie wrote:
>         I've got a site that's using a Sonicwall firewall with no ports open
> and specifically has cleared the checkbox for 'Allow NetBIOS from LAN to
> WAN".  One of those users at that site is getting a popup when the machine
> is booted up that says 
>  
>         From machinename To machinename
>                 A virus has been detected.  Please contact your
>                 administrator.

I strongly recommend running a tool such as ad-aware. Perhaps you aren't
seeing messenger traffic as much as some annoying pop-up that the machine
itself triggers.

(Or, to use the terminology of 1997, maybe you're using Pull technology
rather than Push technology to see these things.)

-- 
Demand voting integrity: http://verify.stanford.edu/evote.html

application/pgp-signature attachment: stored

Next message: Jeff Bryner: "Re: CRIME MS Messenger Vulnerability"
Previous message: Solomon, Charlie: "CRIME MS Messenger Vulnerability"
In reply to: Solomon, Charlie: "CRIME MS Messenger Vulnerability"
Next in thread: Alan: "Re: CRIME MS Messenger Vulnerability"
Next in thread: Jeff Bryner: "Re: CRIME MS Messenger Vulnerability"
Reply: Alan: "Re: CRIME MS Messenger Vulnerability"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Sep 10 2003 - 16:48:56 PDT