A fellow network administrator at the company I work for is interested in implementing a system that utilizes the Messenger Service (not to be confused with the MS Messenger chat tool) to initiate Net Send notifications to clients throughout the user community. Our network hosts consist of Windows 2000/XP machines (XP has the service disabled by default, 2000 may as well). I remember that there was a large vulnerability reported at the end of 2003 regarding the Messenger Service. I know that the issue was addressed in subsequent service packs, but this doesn't necessarily mean it's a good idea to use it.
Bottom line; I'm concerned that enabling the Messenger Service throughout the network will open our environment to security vulnerabilities. What are you thoughts? Any know issues at this time? Your input would be greatly appreciated.
Bottom line; I'm concerned that enabling the Messenger Service throughout the network will open our environment to security vulnerabilities. What are you thoughts? Any know issues at this time? Your input would be greatly appreciated.
Regards,
Brian
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
[ reply ]