Messenger Service - POP UP

  • Thread starter Thread starter JEFF
  • Start date Start date
J

JEFF

I just upgrade to Windows XP and now I get this annoying
pop up that won't go away - from "Messenger Service".
How do I make it go away for good?
 
I just upgrade to Windows XP and now I get this annoying
pop up that won't go away - from "Messenger Service".
How do I make it go away for good?
Click to expand...

Control Panel > Admistrative Tools > Services and scroll down to
Messenger. Under Properties, set Startup type to Disabled.
 
Greetings --

Please stop deliberately posting potentially harmful advice.

Disabling the messenger service is a "head in the sand" approach
to computer security that leaves the PC vulnerable to threats such as
the W32.Blaster.Worm.

The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful service by acting as a security alert. The
true problem is the unsecured computer, and you're only
advice, however well-intended, was to turn off the warnings. How is
this helpful?

Equivalent Scenario: You over-exert your shoulder at work or
play, causing bursitis. After weeks of annoying and sometimes
excruciating pain whenever you try to reach over your head, you go to
a doctor and say, while demonstrating the motion, "Doc, it hurts when
I do this." The doctor, being as helpful as you are, replies, "Well,
don't do that."

The only true way to secure the PC, short of disconnecting it from
the Internet, is to install and *properly* configure a firewall; just
installing one and letting it's default settings handle things is no
good. Unfortunately, this does require one to learn a little bit more
about using a computer than used to be necessary.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Greetings --

Please stop deliberately posting potentially harmful advice.

Disabling the messenger service is a "head in the sand" approach
to computer security that leaves the PC vulnerable to threats such as
the W32.Blaster.Worm.

The real problem is _not_ the messenger service pop-ups; they're
actually providing a useful service by acting as a security alert. The
true problem is the unsecured computer, and you're only
advice, however well-intended, was to turn off the warnings.
Click to expand...

You are wrong. See the recent MS security bulletin:

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/bulletin/ms03-043.asp

As I have suggested OVER and OVER and OVER again, you need to disable
services that you don't need. Several, including you, asserted that I
was being ridiculous in suggesting that there just might be a
vulnerability in the Messenger service that could expose your system
as vulnerable. Now we know that it has been true. If somebody got
past your firewall, they could own your system simply if you were
running the Messenger service. The great risk involved in running it
when it's not needed is far greater than the trivial value that it
provides by being a "security alert". There are much better tools to
use for security alerts than a vulnerable, unneeded service running.
 
Greetings --

Apparently, you're completely unfamiliar with the term
"workaround." The KB article you cite recommends disabling the
messenger service as a *workaround,* only until the necessary patch
has been certified for the user's specific environment. No where does
the KB article even imply, much less state, that disabling the
messenger service is, in and of itself, any kind of real solution.

And at no time did I say anyone was being "ridiculous" for
advising people to _only_ turn off the messenger service and take no
other precautions; deliberately malicious or dangerously misinformed,
certainly, but never "ridiculous."


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
true problem is the unsecured computer, and you're only
Equivalent Scenario: You over-exert your shoulder at work or
play, causing bursitis. After weeks of annoying and sometimes
excruciating pain whenever you try to reach over your head, you go to
a doctor and say, while demonstrating the motion, "Doc, it hurts when
I do this." The doctor, being as helpful as you are, replies, "Well,
don't do that."
Click to expand...

Over-exertion of the shoulder? Watch you're [sic] analogies. Sounds
like a rotator-cuff problem.
The only true way to secure the PC, short of disconnecting it from
the Internet, is to install and *properly* configure a firewall; just
installing one and letting it's default settings handle things is no
good. Unfortunately, this does require one to learn a little bit more
about using a computer than used to be necessary.
Click to expand...

Thanks once again for the security primer. A question was asked and
answered and for the most part, joe-schmoe doesn't use the service.
You need a larger forum to reach the masses before they come to
microsoft.pub...

Lol.
 
Greetings --

Well, tell that to the physician who diagnosed and treated --
successfully, by the way -- my bursitis. The analogy is accurate,
medically speaking, and based upon personal experience. ;-}

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Greetings --

Apparently, you're completely unfamiliar with the term
"workaround." The KB article you cite recommends disabling the
messenger service as a *workaround,* only until the necessary patch
has been certified for the user's specific environment. No where does
the KB article even imply, much less state, that disabling the
messenger service is, in and of itself, any kind of real solution.
Click to expand...

You just don't get it, do you?

Before this bulletin, you insisted that disabling the messenger
service provided NO or LITTLE additional security.

You were wrong. If one had disabled this service (assuming they
didn't need it very badly) then it would have provided significant
additional security.

Now that MS has provided the patch, everything is great and that
service is bulletproof, right. No way in the world that there are any
additional vulnerabilities in that service, right?

That clearly would be a deluded point of view that points to someone
who refuses to learn from the past.

Again, this vulnerability drives home the important point - If you
don't need the service, turn it off.

By refusing to acknowledge this very basic security tenet, you are
distributing bad security advice and undermining your credibility in
regards to the topic of security.
 
And at no time did I say anyone was being "ridiculous" for
advising people to _only_ turn off the messenger service and take no
other precautions; deliberately malicious or dangerously misinformed,
certainly, but never "ridiculous."
Click to expand...

And I never advised people to only turn off the messenger service as
you just implied.
 
The KB article you cite recommends disabling the
messenger service as a *workaround,* only until the necessary patch
has been certified for the user's specific environment. No where does
the KB article even imply, much less state, that disabling the
messenger service is, in and of itself, any kind of real solution.
Click to expand...

This is also an incorrect interpretation of the article, IMO. MS's
RECOMMENDATION (not "workaround"):

Recommendation: Customers should disable the Messenger Service
immediately and evaluate their need to deploy the patch

This means:

1. Disable the service
2. Evaluate you need for the service to be running ("evaluate the
need to deploy the patch")
3. Deploy the patch if you need the service.
4. Turn the service back on if you need the service.
5. If you don't need the service, don't turn it back on.
 
Greetings --

You're the one who "doesn't get it." Your constant harping on
this one subject has become quite tiresome. Why are you so obsessed
with the messenger service? Why do you so adamantly defend those who
offer harmful advice? Have you no other interests?

Let's try one last time, and I'll keep it as simple as I can.

Turning off the messenger service, in and of itself, is _not_ a
viable security solution. Yes, a vulnerability has been discovered,
announced, and a patch provided. However, there is, to date, no known
exploit of this vulnerability. (I don't doubt that some clown will
feel the need to develop one, though, just to prove he can, now that
the weakness has been publicly announced. Hopefully, people will have
learned their lesson from Blaster, and actually pay a little bit of
attention, this time.) If one has a _properly configured_ firewall,
this - or any other, yet to be discovered - vulnerability stands very,
very little chance of ever causing a problem.

The advice offered by many to turn off the messenger service as
the sole action necessary stop messenger service spam -- advice which
you have been so tenaciously adamant about defending -- is completely
irresponsible. Doing so "protects" the computer from one theoretical,
undefined threat, and the user from some annoying but harmless
interruptions, at the expense of leaving the computer completely
vulnerable to other, very real, exploits, such as W32.Blaster.Worm.

Granted, one of the basic security precautions is to turn off any
processes/services that are not needed. Doing so, however, should be
done with the full knowledge that such an action does not protect the
computer from the most common threats extant. If a user is confident
that he has no need of the messenger service, he's perfectly welcome
to turn it off. I've never said otherwise, although I do think that,
on balance of the relative risks, the messenger service does serve a
useful purpose as a "canary in the mine shaft" to warn of a firewall
failure. Messenger service spam is constantly being broadcast, and is
much more likely to show up than is any other yet-to-be-developed
exploit.

Now, who is going to determine whether any given user has other
needs of the messenger service? Does he have an antivirus application
that uses the Alerter service, which is dependent upon the messenger
service? Is he using a UPS-monitoring utility that has the same
needs? Can you confidently assert that the millions of "John Q.
Publics" can all safely disable the messenger service on their many
millions of different PCs, with millions of different combinations of
applications and utilities? I submit that the vast majority of
computer users in the general public have absolutely no idea -- nor
any real desire to learn -- whether or not they need or use the
messenger, or any other specific, service. To cavalierly pronounce
that everyone should just turn off an operating system process,
regardless of the millions of individual specific computing
configurations, situations, needs, and environments is the height of
irresponsibility.


Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Greetings --

You're the one who "doesn't get it." Your constant harping on
this one subject has become quite tiresome. Why are you so obsessed
with the messenger service? Why do you so adamantly defend those who
offer harmful advice? Have you no other interests?
Click to expand...

You are really FULL OF IT. I have NEVER defended those "who offer
harmful advice". I have NEVER advocated or defended the advise to
only turn off the Messenger Service. You can imply it all you want
to, but it simply is not true and only serves to continue to discredit
you.

You, on the other hand seem to be obsessed in making sure others have
the Messenger Service turned on and bashing those who would disagree.
Let's try one last time, and I'll keep it as simple as I can.
Click to expand...

Yes, lets try.
Turning off the messenger service, in and of itself, is _not_ a
viable security solution. Yes, a vulnerability has been discovered,
announced, and a patch provided. However, there is, to date, no known
exploit of this vulnerability. (I don't doubt that some clown will
feel the need to develop one, though, just to prove he can, now that
the weakness has been publicly announced. Hopefully, people will have
learned their lesson from Blaster, and actually pay a little bit of
attention, this time.) If one has a _properly configured_ firewall,
this - or any other, yet to be discovered - vulnerability stands very,
very little chance of ever causing a problem.
Click to expand...

You are defending a position that lacks depth in security knowledge.

1. No known exploit does not mean there's not one out there.
Generally these exploits are known only when the hackers have tired of
them and want some recognition. This is not the wisdom from myself
but words directly from various security companies like ISS. Even if
there is no exploit, this just means that those who were unnecessarily
running it dodged a bullet.

2. The point remains that it is a basic security rule to enable only
those things you need. Why? because just of this type of scenario.
If you had disabled the Messenger Service, you would not be at risk to
this vulnerability which could allow a hacker complete control of your
system. Even if you patched, you still need to turn it off if not
needed to avoid future risks like this.

3. Yes, a patch is available. So this service is bulletproof, now
right? We know that there can never be any more vulnerabilities in
this service right? WRONG. You were so certain before that it was
perfectly safe to run this service even if unneeded and even heralded
the benefits of leaving it turned on as a mechanism of warning. What
you were also unknowingly doing was advised those to run a service
that wasn't needed that had a vulnerability (and still may have
several, for all we know) which possibly given a hacker control of
their system where they might otherwise not had.

4. Firewalls are NOT the panacea that you paint. They are not
bulletproof and it is extremely foolish to put all your security eggs
in the firewall basket. It is another very basic security tenet to
have a multilayered defense. Depending on a firewall to protect you
100% is foolish.
The advice offered by many to turn off the messenger service as
the sole action necessary stop messenger service spam -- advice which
you have been so tenaciously adamant about defending -- is completely
irresponsible. Doing so "protects" the computer from one theoretical,
undefined threat, and the user from some annoying but harmless
interruptions, at the expense of leaving the computer completely
vulnerable to other, very real, exploits, such as W32.Blaster.Worm.
Click to expand...

I have to say it. You, sir, are a liar. I have never defended the
action of only turning off the Messenger Service. I have always
advocated first establishing a firewall and then addressing turning
off unneeded services.
Granted, one of the basic security precautions is to turn off any
processes/services that are not needed. Doing so, however, should be
done with the full knowledge that such an action does not protect the
computer from the most common threats extant. If a user is confident
that he has no need of the messenger service, he's perfectly welcome
to turn it off. I've never said otherwise, although I do think that,
on balance of the relative risks,
Click to expand...

You've been very, very resistant to the idea of turning off the
Messenger Service. Although, I won't lie (like you have) and insist
that you have insisted that it should always stay on.
the messenger service does serve a
useful purpose as a "canary in the mine shaft" to warn of a firewall
failure. Messenger service spam is constantly being broadcast, and is
much more likely to show up than is any other yet-to-be-developed
exploit.
Click to expand...

OK, lets just leave this unneeded service on just because it has some
kind unintended side affect of *possibly* warning the individual of
some port being open. This warning is not very reliable. A user can
have that port open and there's no guarantee the kindly spammers
sending their messages will make their way to the system. IMHO no
real security expert would ever dream to advise a user to run an
unneeded service just for the purpose of the possibility that it may
alert the user to an open port. If a hacker gets past the firewall,
he is not going to send a kindly Messenger pop-up to alert the user to
his presence, either. It is a very weak argument.
Now, who is going to determine whether any given user has other
needs of the messenger service? Does he have an antivirus application
that uses the Alerter service, which is dependent upon the messenger
service? Is he using a UPS-monitoring utility that has the same
needs? Can you confidently assert that the millions of "John Q.
Publics" can all safely disable the messenger service on their many
millions of different PCs, with millions of different combinations of
applications and utilities?
Click to expand...

That is a different argument that I have already hashed out with
others. AS I HAVE SAID OVER AND OVER AGAIN, disable it if you don't
need it. If you do need it, certainly patch it and keep it on. I
don't know how many times I have to say this. You seem to be on a
witch hunt to burn at the stake anyone who remotely suggests that the
Messenger Service should be turned off despite the context in which it
is said.
I submit that the vast majority of
computer users in the general public have absolutely no idea -- nor
any real desire to learn -- whether or not they need or use the
messenger, or any other specific, service.
Click to expand...

This has been addressed in another thread. I have already
acknowledged these issues. I have agreed with others that if the user
is a novice and/or does not have the compunction to find out if they
need the service, the best advice is to leave it on. I have repeated
that sentiment as well. The advice to turn it off if unneeded is
largely targeted to a user above the novice or apathetic level.
However, to not mention that, IMO is giving incomplete security
advice.
To cavalierly pronounce
that everyone should just turn off an operating system process,
regardless of the millions of individual specific computing
configurations, situations, needs, and environments is the height of
irresponsibility.
Click to expand...

Again, I do not insist that everyone should just arbitrarily turn off
this service or any other. The witch hunt continues.
 
Greetings --

Yes, you have, in this very thread, as a matter of fact. You
responded to my post asking someone to stop posting harmful advice by
saying that I was completely wrong. Obviously, therefore, you feel
the individual was correct to advise someone to turn off messenger
service as the sole action necessary.

But it's all irrelevant, now. I'll simply keep adding you to my
kill-file each time to change your alias, a habit common to trolls.

Bruce Chambers

--
Help us help you:



You can have peace. Or you can have freedom. Don't ever count on
having both at once. -- RAH
 
Greetings --

Yes, you have, in this very thread, as a matter of fact. You
responded to my post asking someone to stop posting harmful advice by
saying that I was completely wrong.
Click to expand...

I don't believe I ever stated that you were "completely wrong". I
stated that you were wrong about indicating there was no security
value in disabling the Messenger Service. In my posts it is painfully
obvious that these were your specific comments I was referring to.
This is due to my comments being made completely outside the context
of you indicating that some people advise to *only* turn off the
Messenger Service. Apparently you refuse to read my posts within the
context in which they were written. Again, for the umpteenth time, I
agree with you that *only* turning off the Messenger Service to solve
this problem is a bad idea. I have always agreed on this point.

In addition, you can do a google search on the newsgroups for my name
and you will find that I have specifically stated on numerous
occasions that a firewall is first and foremost the most important
step here. But this truth does not matter to you. What matters to
you is that you try to save face here and lie about what I have
posted.
Obviously, therefore, you feel
the individual was correct to advise someone to turn off messenger
service as the sole action necessary.
Click to expand...

I never "felt" any such thing. So let me re-iterate for about the
200th time. Set up a firewall first. Absolutely no question about
it. But the fact remains that one should assess whether the Messenger
Service is needed and if it's not, disable it. If there's any
question or lack of motivation, leave it on but be sure to patch the
serious vulnerability in it. And be aware that there could be more.
Good security does not rely on a single item, like a firewall. A
multilayered approach is the consensus on the best approach.
But it's all irrelevant, now. I'll simply keep adding you to my
kill-file each time to change your alias, a habit common to trolls.
Click to expand...

Another bald faced baseless lie. I have NEVER changed any of the
attributes of my posting. EVER. My posts have always been identified
by the name "Kevin Davis³". ALWAYS. I dare you or anyone else to
prove otherwise. You seem to want to resort to anything in attempts
to discredit those who would dare disagree with you. You are
seriously embarrassing yourself here.

In any event, it bothers me not if you killfile me. It will not stop
me from correcting your incomplete advice.
 
Howdy, Kevin,

Absolutely!!!

What would be really helpful is a good tweaking or support
site with discussion of what services can be done
without. Telnet and such are obvious, but some of the
other ones' functions are kind of obscure. Do you know of
such a site or KB article? I'd love to lock our systems
down the the max that I can, without losing useful
functions.

Thanks very much,
Peyton Randolph
 
Howdy, Kevin,

Absolutely!!!

What would be really helpful is a good tweaking or support
site with discussion of what services can be done
without. Telnet and such are obvious, but some of the
other ones' functions are kind of obscure. Do you know of
such a site or KB article? I'd love to lock our systems
down the the max that I can, without losing useful
functions.

Thanks very much,
Peyton Randolph
Click to expand...

Yes, there are such sites. You can probably do a google search on
"Windows XP services" and hit on a few of them. I would caution you,
however, that doing this requires a fair degree of knowledge and
incremental steps. One site had a good suggestion of using the
profiles approach to avoid configuring your system such that it is
easily recovered from being hosed up.

Good luck
 
Back
Top