Net Send problem
This is a discussion about Net Send problem in the Everything New Technology category; Hello Everybody! We disabled messenger service in our school so pranksters won't use them to disrupt computer classes. However, I found out a couple of machines yesterday which were able to use the net send command to message a teacher's pc.
Hello Everybody!
We disabled messenger service in our school so pranksters won't use them to disrupt computer classes. However, I found out a couple of machines yesterday which were able to use the net send command to message a teacher's pc. Those pc's messenger services were disabled (checked using mmc and net start), and nbtstat didn't show anything registered at [03]. So I'm naturally curious how this happend ;( . Any help is appreciated.
We disabled messenger service in our school so pranksters won't use them to disrupt computer classes. However, I found out a couple of machines yesterday which were able to use the net send command to message a teacher's pc. Those pc's messenger services were disabled (checked using mmc and net start), and nbtstat didn't show anything registered at [03]. So I'm naturally curious how this happend ;( . Any help is appreciated.
Participate in our website and join the conversation
This subject has been archived. New comments and votes cannot be submitted.
May 2
May 6
0
3 minutes
Responses to this topic
Quote:We disabled messenger service in our school so pranksters won't use them to disrupt computer classes. However, I found out a couple of machines yesterday which were able to use the net send command to message a teacher's pc. Those pc's messenger services were disabled (checked using mmc and net start), and nbtstat didn't show anything registered at [03].
netsvc \\machinename start messenger
net send Blah Blah
netsvc \\machinename stop messenger
Well thats only three lines of batch file code to get around that ... only issue is that it requires admin access to start a service ... has the admin account been compromised?
NET SEND uses NetBIOS, and the ports NetBIOS requires are 137, 138 and 139 ... either enable the firewall if you are using Windows XP or disable File and Printer Sharing
HTH
EDIT
I apologize, I misread your post and believed that you stopped the service and not disabled it. With that in mind, disregard the first half of my post.
Have you also considered using IPSEC policies to restrict the use of those ports and/or IPs?
netsvc \\machinename start messenger
net send Blah Blah
netsvc \\machinename stop messenger
Well thats only three lines of batch file code to get around that ... only issue is that it requires admin access to start a service ... has the admin account been compromised?
NET SEND uses NetBIOS, and the ports NetBIOS requires are 137, 138 and 139 ... either enable the firewall if you are using Windows XP or disable File and Printer Sharing
HTH
EDIT
I apologize, I misread your post and believed that you stopped the service and not disabled it. With that in mind, disregard the first half of my post.
Have you also considered using IPSEC policies to restrict the use of those ports and/or IPs?
OP
Thanx for the advice, DS3Circuit.
To clarify, I was able to use net send with a student lab account.
I am not familiar with IPSec, but the teachers share a lot of teaching material on a server using file and print sharing, so I am not sure if restricting the netbios ports would also disable file and print sharing.
Oh, we are using win2k.
To clarify, I was able to use net send with a student lab account.
I am not familiar with IPSec, but the teachers share a lot of teaching material on a server using file and print sharing, so I am not sure if restricting the netbios ports would also disable file and print sharing.
Oh, we are using win2k.
Yeah, disabling the messenger service prevents you from receiveing messages; it does not prevent you from sending them.
OP
Ha, you are right.
Well, we are upgrading anyway. This time we'll make sure the service is disabled when we deploy the new systems.
Well, we are upgrading anyway. This time we'll make sure the service is disabled when we deploy the new systems.
Quote:the teachers share a lot of teaching material on a server using file and print sharing, so I am not sure if restricting the netbios ports would also disable file and print sharing.
As an addition, disabling/removing file and printer sharing from client workstation will not hinder their ability to retrieve files from a Print/File Server.
As an addition, disabling/removing file and printer sharing from client workstation will not hinder their ability to retrieve files from a Print/File Server.
OP
thanx again for your help, Xiven and DS3Circuit.
