Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

"net send" vulnerability behind firewall 1

Status
Not open for further replies.

toryman

Technical User
Mar 14, 2006
1
US
I am an end-user in a huge corporate network. It has just come to the attention of our IT dept that we have been using "net send" (for years) to communicate with coworkers when their phone is busy, etc.

The IT dept has disabled net send per "hardening guidelines." I located this guideline and could not, for sure, determine whether it was talking about dmz and desktops or just dmz.

So, my question is:
If net-bios and other related ports are blocked at the firewall, is it reasonably safe for end-users to have these ports listening; to enable workstation and messenger so they can use "net send?"

A link to the answer will be as appreciated as the answer in this forum. Thanks.
 
If the firewall is blocking the appropriate port then you will be safe from external misuse. It won't stop internal programs or spyware from abusing it though.

There is of course always the chance that they are stopping the messenger service so that you are forced to use e-mail instead (which is usually logged).


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Grenage,
Utilizing the net send feature will indeed create a log entry. The application log captures info on the "receiving" PC.
 
True, but it's a lot easier if it's all in one place!


Carlsberg don't run I.T departments, but if they did they'd probably be more fun.
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top