Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
CingKrab

Net Send problem

By CingKrab, in Everything New Technology

Recommended Posts

CingKrab    0

CingKrab
Posted

Hello Everybody!

 

We disabled messenger service in our school so pranksters won't use them to disrupt computer classes. However, I found out a couple of machines yesterday which were able to use the net send command to message a teacher's pc. Those pc's messenger services were disabled (checked using mmc and net start), and nbtstat didn't show anything registered at [03]. So I'm naturally curious how this happend ;( . Any help is appreciated.

Share this post

Link to post

DS3Circuit    0

DS3Circuit
Posted
Quote:
We disabled messenger service in our school so pranksters won't use them to disrupt computer classes. However, I found out a couple of machines yesterday which were able to use the net send command to message a teacher's pc. Those pc's messenger services were disabled (checked using mmc and net start), and nbtstat didn't show anything registered at [03].


netsvc \\machinename start messenger
net send Blah Blah
netsvc \\machinename stop messenger

Well thats only three lines of batch file code to get around that ... only issue is that it requires admin access to start a service ... has the admin account been compromised?

NET SEND uses NetBIOS, and the ports NetBIOS requires are 137, 138 and 139 ... either enable the firewall if you are using Windows XP or disable File and Printer Sharing

HTH smile

EDIT

I apologize, I misread your post and believed that you stopped the service and not disabled it. With that in mind, disregard the first half of my post.

Have you also considered using IPSEC policies to restrict the use of those ports and/or IPs?

Share this post

Link to post

CingKrab    0

CingKrab
Posted

Thanx for the advice, DS3Circuit.

 

To clarify, I was able to use net send with a student lab account.

 

I am not familiar with IPSec, but the teachers share a lot of teaching material on a server using file and print sharing, so I am not sure if restricting the netbios ports would also disable file and print sharing.

 

Oh, we are using win2k.

Share this post

Link to post

Xiven    0

Xiven
Posted

Yeah, disabling the messenger service prevents you from receiveing messages; it does not prevent you from sending them.

Share this post

Link to post

CingKrab    0

CingKrab
Posted

Ha, you are right.

 

Well, we are upgrading anyway. This time we'll make sure the service is disabled when we deploy the new systems.

Share this post

Link to post

DS3Circuit    0

DS3Circuit
Posted
Quote:
the teachers share a lot of teaching material on a server using file and print sharing, so I am not sure if restricting the netbios ports would also disable file and print sharing.


As an addition, disabling/removing file and printer sharing from client workstation will not hinder their ability to retrieve files from a Print/File Server.

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Everything New Technology
×