Net send + GPO ?


  • Net send + GPO ?

    Hi,

    I have a quota manager application that can send users quota limit pop-up window that is based on "net send".
    At the moment the "net send" option is disabled to all users.

    I'm looking for a way to enable it back on all computers without letting the standard user the option of sending messages through "net send".

    Is it possible to enable the messenger service on all computers but only Domain Admins or application user will be able to use it?

    Any help will be appreciated.

    Poly.

  • #2
    Re: Net send + GPO ?

    I do not believe this is possible. I would look to see if your application has an alternative to net send messages.
    Technology is only as good as those who use it

    My tech blog - wiredtek.wordpress.com



    • #3
      Re: Net send + GPO ?

      Originally posted by poly
      Hi,

      I have a quota manager application that can send users quota limit pop-up window that is based on "net send".
      At the moment the "net send" option is disabled to all users.

      I'm looking for a way to enable it back on all computers without letting the standard user the option of sending messages through "net send".

      Is it possible to enable the messenger service on all computers but only Domain Admins or application user will be able to use it?

      Any help will be appreciated.

      Poly.
      I don't think you can as it is a service running in the machine. Just add a batch file to Startup to enable the service. I doubt "normal" users (a) know about messenger services; (b) know the command in prompt to execute it. Therefore I'd say that "you'd be safe" to deploy it.

      hope this helps



      • #4
        Re: Net send + GPO ?

        Originally posted by pardal51
        I don't think you can as it is a service running in the machine. Just add a batch file to Startup to enable the service. I doubt "normal" users (a) know about messenger services; (b) know the command in prompt to execute it. Therefore I'd say that "you'd be safe" to deploy it.

        hope this helps
        The user's knowledge and use of the messenger service isn't as troublesome as the possible abuse of the service by viruses. Check your firewall logs and see just how much messenger service spam there is out there. Should a virus infiltrate the LAN (which never happens, but I digress...) the users would be vulnerable to scams and your job would be vulnerable to termination.

        One last thing to note, let's pretend that there is one or two "power users" in the office that are computer hobbyists, former IT folks, or budding script kiddies (Face it. All of us IT folks have at least one of those types to deal with). Just imagine the mayhem that could ensue if it was ever discovered that the messenger service was turned on. Ugh.

        I'd send a concerned email to the software developer that made the quota management software and ask them for some kind of alternative. NET SEND is so 2002. Shame on anyone who makes software that is reliant on the messenger service.
        Wesley David
        LinkedIn | Careers 2.0
        -------------------------------
        Microsoft Certifications: MCSE 2003 | MCSA:Messaging 2003 | MCITP:EA, SA, EST | MCTS: a'plenty | MCDST
        Vendor Neutral Certifications: CWNA
        Blog: www.TheNubbyAdmin.com || Twitter: @Nonapeptide || GTalk, Reader and Google+: [email protected] || Skype: Wesley.Nonapeptide
        Goofy kitten avatar photo from Troy Snow: flickr.com/photos/troysnow/



        • #5
          Re: Net send + GPO ?

          I seem to recall NET SEND long before 2002. WFW at least. Possibly included in the original (and horrible) MS NET where NET.EXE was born. That would put it back in the very late 80's / early 90's. Certainly LAN Manager on OS/2 (early 90's) had it.

          Also I'd really like to see the "real" virus threat NET SEND imposes. My old brain may be fixated on the simplicity of what NET SEND does so I'm really not understanding the risk. Since NetBIOS isn't routable and since all this does is pop up a text dialog box, I'm missing the incredible risk it imposes over embedding a link in an email.
          Cheers,

          Rick

          ** Remember to give credit where credit is due and leave reputation points where appropriate **

          2006-2099 R Valstar. This post is offered "as is" for discussion purposes only with no express or implied warranty of any kind including, but not limited to, correctness or fitness for use. Nothing herein shall be construed as advice. Attempting any activity based on information in this post is done at your own risk.



          • #6
            Re: Net send + GPO ?

            You should use Winpopup instead

            Also, messenger isn't even supported in Vista and 2008.
            You could make it somewhat secure by turning the service ON and sending firewall rules through GPO to prevent traffic to these ports from any other machine but it could cause issues with other Netbios stuff.

            Rvalstar: I believe the real risk is when using netbios over tcp and having the ports accessible publicly. There's been quite a few exploits for that historically. Also, messenger has been used for Spam a lot in the past... don't know if that is still true but 3-4 years ago, putting a Windows 2000 machine with no FW on the internet would get you a few "tool" enlargement popups within a minute or two.
            Last edited by gepeto; 8th July 2008, 19:00. Reason: rvalstar reply
            VCP on vSphere (4), MCITP:EA/DBA, MCTS:Blahblah



            • #7
              Re: Net send + GPO ?

              I hope I haven't diverted this thread too far

              Originally posted by rvalstar
              I seem to recall NET SEND long before 2002. WFW at least. Possibly included in the original (and horrible) MS NET where NET.EXE was born. That would put it back in the very late 80's / early 90's. Certainly LAN Manager on OS/2 (early 90's) had it.
              I questioned the legitimacy of my statement not long after I hit "submit reply". I've just revealed how new I am to the professional side of working with computers.


              Originally posted by rvalstar
              Also I'd really like to see the "real" virus threat NET SEND imposes. My old brain may be fixated on the simplicity of what NET SEND does so I'm really not understanding the risk. Since NetBIOS isn't routable and since all this does is pop up a text dialog box, I'm missing the incredible risk it imposes over embedding a link in an email.
              There is no inherent threat to NET SEND spam. It's nearly the same paradigm as phishing. Just as an important looking email can bluff some folks, so can an important looking dialog box on your computer. I see slightly more potential in NET SEND messages since folks are now (hopefully) more aware of the dangers of email phishing scams and are (hopefully) more prone to view emails with a suspicious eye. However, a dialog box popping up on your screen can seem much more "official" (not to mention unexpected, therefore easier to bluff a user with). "An error has occurred in your email account. Please send your username and password to your network administrator at this email address: [email protected]" Okay, that was cheesy, but just imagine what an "official" looking message could do.

              As to NetBIOS not being routable; I may very well be completely missing something, but I thought NBT would come into play somehow. Also, the messenger service uses RPC now... no? The messenger service uses ports 137-139, port 445 as well as 1026. Check this out. Also, here's a thread on NET SEND spam.

              Have I grossly misunderstood something?

              EDIT: I just noticed what Gepeto posted while I was writing my post.
              Last edited by Nonapeptide; 8th July 2008, 19:15.
              Wesley David
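
Post #4's suggestion to check the firewall logs, applied to the ports listed in post #7 (137-139, 445, 1026), as an added example that is not from any poster in this thread: it tallies Messenger-port traffic from senders other than the quota server. The log layout, the server address 192.168.1.10 and the LAN range are assumptions, and the sample lines are constructed.

```python
import ipaddress
from collections import Counter

# Ports named in the thread for the Messenger service.
MESSENGER_PORTS = {137, 138, 139, 445, 1026}
# Assumptions for this example: the quota server address and the LAN range.
ALLOWED_SENDERS = {ipaddress.ip_address("192.168.1.10")}
LAN = ipaddress.ip_network("192.168.1.0/24")

# Constructed sample in a Windows Firewall style log layout (not real traffic).
SAMPLE_LOG = """\
#Version: 1.0
#Fields: date time action protocol src-ip dst-ip src-port dst-port size
2008-07-08 18:55:01 DROP UDP 203.0.113.7 192.168.1.20 4512 1026 412
2008-07-08 18:55:03 DROP UDP 203.0.113.7 192.168.1.20 4513 1026 412
2008-07-08 18:56:10 OPEN TCP 192.168.1.10 192.168.1.20 1045 139 -
2008-07-08 18:57:44 OPEN TCP 192.168.1.57 192.168.1.20 2210 139 -
2008-07-08 18:58:02 OPEN TCP 192.168.1.57 192.168.1.20 2214 80 -
"""

def messenger_traffic(log_text):
    """Count Messenger-port hits from unapproved senders, keyed by (source, origin, outcome)."""
    fields, hits = [], Counter()
    for line in log_text.splitlines():
        if line.startswith("#Fields:"):
            fields = line.split()[1:]  # column names come from the log header
            continue
        if not line.strip() or line.startswith("#") or not fields:
            continue
        rec = dict(zip(fields, line.split()))
        try:
            port = int(rec["dst-port"])
            src = ipaddress.ip_address(rec["src-ip"])
        except (KeyError, ValueError):
            continue  # rows without a numeric port or a valid source address
        outcome = {"DROP": "blocked", "OPEN": "passed", "ALLOW": "passed"}.get(rec.get("action"))
        if outcome is None or port not in MESSENGER_PORTS or src in ALLOWED_SENDERS:
            continue
        origin = "internal" if src in LAN else "external"
        hits[(str(src), origin, outcome)] += 1
    return hits

def exposed_sources(hits):
    """Unapproved sources whose Messenger-port traffic was let through."""
    return sorted({src for (src, _, outcome) in hits if outcome == "passed"})

if __name__ == "__main__":
    for key, n in sorted(messenger_traffic(SAMPLE_LOG).items()):
        print(n, *key)
```

Any address returned by `exposed_sources` is a machine other than the quota server that reached a Messenger port, which is the case a sender-restricted firewall rule is meant to rule out.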


              • #8
                Re: Net send + GPO ?

                Since any reputable installation has a firewall / router / ... getting NetBIOS over TCP from the outside shouldn't be an issue, should it?

                My point really was NET SEND isn't much of a threat and I'm still not seeing evidence it is. Not disagreeing it is old / cheesy. Just not biting on the threat aspect.

                In this virus / malware sensitive world I can find sources that tell me turning on my computer may kill me -- and it may

                Remember Y2K.
                Cheers,

                Rick
