Net Sender...All Windows OS now vulnerable

[discogail]

The Net Sender software enables the user to send messages under NetBios form (similar to those sent thanks to the NET SEND instruction) towards MS Windows NT/2000/XP Pro.

....contrarily to NET SEND which can only be used on NT, 2000 and XP Pro platforms, Net Sender works on all MS Windows versions.

....Net Sender needs only the IP address of the PC in order to fullfill its mission

http://perso.wanadoo.fr/yann.breut/n...r_us/menu.html

[Pieter_Arntz]

No need to guess what the next applications are going to be: http://www.wired.com/news/technology...,55795,00.html and http://www.techtv.com/screensavers/a...374542,00.html

Regards,

Pieter

[EDIT] Similar thread: http://www.wilderssecurity.com/showthread.php?t=4142 [/EDIT]

[discogail]

This one is free.......& I saw it offered & touted at Shell Extension City,,,,,,...

[Primrose]

Hi Gail,

Here are two more free ones...

http://www.nethail.com/NT_Hail.html


Net Hail lets you send a pop-up message to any user in your "Network Neighborhood". Program works under Windows NT 4.0 and NT 3.51. It will not work under Windows 95. WINPOPUP.EXE must be running on the Windows 95 or Windows 3.1 machines in order for messages to be displayed. For NT users, the Messenger Service should be running.
The picture from the right is the main window of Net Hail. Just select a computer or group, type in a message and press "Send" button. Sorry, but no help is available for this program.

Use rigth button on group or domain to rescan it.

The program is free for non-commercial use. For details read the License Agreement when you start installation. You should send a message to the author of Net Hail to register your copy. If you don't, you'll end up with old version of Net Hail !

You can find e-mail address in "About" dialog box. Press F1 to open this dialog. Or you can use this page to register Net Hail right away.

Here is example of a message delivered from computer THERMIC to computer THERMIC. (That's the last degree of schizophrenia: to send messages to yourself).

To download the setup file click on the button at right.
To install Net Hail for Windows NT® unzip downloaded file in separate empty subdirectory, read the ReadMe.txt file and start Setup.exe
If you have any problem with installation or program itself, please send message to:

___________________________

http://www.tlsecurity.net/Sourcecode/filearchive/NetSend.html

Author : Stefan Pettersson E-mail : n/a
Site : n/a Misc :



Net Send
With this u can send Messages with Windows NT/2000, it finds the domain(s) and workstations automaticly. You can also send multimessages.

http://www.tlsecurity.net/Sourcecode/Vb/net.send.jpg

________________

ALSO:

How do I send a message to a list of users


two batch files.

SNDMSG "message text" User1 User2 User3 . . . Usern

@echo off
if {%1}=={} (echo usage: sndmsg "text" user-list) & (goto :EOF)
if {%2}=={} (echo usage: sndmsg "text" user-list) & (goto :EOF)
:LOOP
if {%2}=={} goto :EOF
net send %2 %1
shift /2
goto :LOOP
:EOF


SNDMSGL "message text" "<Drive:>\Folder\Filename.Ext"

@echo off
if {%1}=={} (echo usage: sndmsgl "text" user-list.txt) & (goto :EOF)
if {%2}=={} (echo usage: sndmsgl "text" user-list.txt) & (goto :EOF)
if not exist %2 (echo %2 not found) & (goto :EOF)
for /f "eol=; Tokens=*" %%i in (%2) do net send %%i %1
:EOF

where <Drive:>\Folder\Filename.Ext contains a list of users, one per line. Comments (; in column 1) are ignored.

[luv2bsecure]

Nice post, Primrose. Practical and useful.

It seems like just about the time one threat is addressed another pops up out-of-the-blue like a fast-spreading and hard to contain medical threat. The infection in the leg is under control - but damn - now there's a blood clot in the other. Ad infinitum.

John
Luv2bSecure

[Primrose]

John,

You are silent on all of this net send stuff. What do you really think about it and what are we going to do?

It is useful in the past and present..but now they are exploiting it and our privacy>

[luv2bsecure]

I'm sorry, I don't mean to be silent. Your post was good in that it let us see exactly what the exploiters are doing. As you know there are no easy answers.

I hate the whole thing. If I wanted to accept "instant messages" I would install an IM utility. I don't use them at all. This allows one to send a message on the network without my having IM software installed and "on" which indicates a desire to receive IM. So, to me, it's an invasion of privacy and I hate it. What to do about it?

The only thing I know to try is Start/Settings/Control Panel/ Services/Messenger/Stop. That disables MSFT MESSENGER.

But more than anything I would talk to the network administrator and ask that it be stopped. Tell them it's interfering with your work. Anything! Just tell them it's a violation of privacy and you also don't need the distraction. A good, tough memo to the staff not tolerating the use of netsend programs should go a long way to stopping it.

This is relatively new and there has yet to be a program written to stop netsend messages (as far as I know) but a few weeks from now? My guess is there will be plenty. Meanwhile, try disabling Microsoft's Messenger and talk to the network admin or whoever handles the IT work in your office.

John
Luv2bSecure

[Primrose]

A big thumbs up on all that advice and insight..thanks.

[mjc]

There is only one problem with stopping the messanger service......certain AV apps use it for the warning dialogs. (the only one I know for sure is McAfee......) and there is a warning on the MS page about certain programs using it.

But it is MS's fault these programs took the easy way and used a service that was on by default in all cases since NT (and most likely never needed in 90%+ of them, until things like AV started using it).

This exploit is definitely the "rock and a hard palce", because to protect your sanity you have to disable something that most of the time is not needed, but is "always on" and chance that something you have installed doesn't really need it.

[root]

I'm beginning to find out McAfee does all kinds of quirky things. I for one, would certainly not use messenger just to allow McAfee to work.
But then I wouldn't use McAfee for any reason.