R
rusga
Ali,
I guess you're being flirted, not hacked.
I guess you're being flirted, not hacked.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an alternative browser.
You should upgrade or use an alternative browser.
A
Ali
We have found on one of my servers NT 4.0 and some users
several of these messages appearing in Windows Messenger
Service
"Message from RMAFFEO to <Domain_name> on 9/17/04
4:36PM hi sexy"
"Message from RMAFFEO to <Domain_name> on 9/17/04
4:36PM Hello sexy"
After clicking "ok" the message disappears.
Can someone tell us where this message came from? We have
a fire wall and up to date will all DAT files and Windows
updates. Is it a hacker or some employee who knows few
tricks?
several of these messages appearing in Windows Messenger
Service
"Message from RMAFFEO to <Domain_name> on 9/17/04
4:36PM hi sexy"
"Message from RMAFFEO to <Domain_name> on 9/17/04
4:36PM Hello sexy"
After clicking "ok" the message disappears.
Can someone tell us where this message came from? We have
a fire wall and up to date will all DAT files and Windows
updates. Is it a hacker or some employee who knows few
tricks?
S
Steven L Umbach
These can also be generated on the local network via the net send command.
Use " net help send " to see more info on how that works. If you look in
Event Viewer/system log on the computer that received the message there may
be a record of the message . If you do not need the messenger service for
any applications or admin tasks you can disable it on all or selected
computers. --- Steve
Use " net help send " to see more info on how that works. If you look in
Event Viewer/system log on the computer that received the message there may
be a record of the message . If you do not need the messenger service for
any applications or admin tasks you can disable it on all or selected
computers. --- Steve
A
andy smart
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Ali wrote:
| We have found on one of my servers NT 4.0 and some users
| several of these messages appearing in Windows Messenger
| Service
|
| "Message from RMAFFEO to <Domain_name> on 9/17/04
| 4:36PM hi sexy"
| "Message from RMAFFEO to <Domain_name> on 9/17/04
| 4:36PM Hello sexy"
|
| After clicking "ok" the message disappears.
| Can someone tell us where this message came from? We have
| a fire wall and up to date will all DAT files and Windows
| updates. Is it a hacker or some employee who knows few
| tricks?
|
Take a look through your user's folders and see if any of them have
winpopup.exe - that's what the students here used to use to send
annoying messages round the network. Users 'could' be using the command
line, but my guess is that they aren't.... Of course they could be
bringing it in on a floppy and running it from there.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBYQCpqmlxlf41jHgRAhE9AJ4uaZg6A27U/dLq7xjlsaB/d+TVkwCeIozq
ng26AeB+NoNhBFilM1HSQks=
=ECL3
-----END PGP SIGNATURE-----
Hash: SHA1
Ali wrote:
| We have found on one of my servers NT 4.0 and some users
| several of these messages appearing in Windows Messenger
| Service
|
| "Message from RMAFFEO to <Domain_name> on 9/17/04
| 4:36PM hi sexy"
| "Message from RMAFFEO to <Domain_name> on 9/17/04
| 4:36PM Hello sexy"
|
| After clicking "ok" the message disappears.
| Can someone tell us where this message came from? We have
| a fire wall and up to date will all DAT files and Windows
| updates. Is it a hacker or some employee who knows few
| tricks?
|
Take a look through your user's folders and see if any of them have
winpopup.exe - that's what the students here used to use to send
annoying messages round the network. Users 'could' be using the command
line, but my guess is that they aren't.... Of course they could be
bringing it in on a floppy and running it from there.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.5 (MingW32)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
iD8DBQFBYQCpqmlxlf41jHgRAhE9AJ4uaZg6A27U/dLq7xjlsaB/d+TVkwCeIozq
ng26AeB+NoNhBFilM1HSQks=
=ECL3
-----END PGP SIGNATURE-----