|
|
You're in the
iis security
group:MSPOP-UP MESSAGE SERVICE <KILLER POP-UPS>
iis security:
We are writing to tell you about the problems of "Abuse" with their Message Service> I didn't mind before or when I first started recieve these messages because I didn't know what it was. I didn't know what popup message was.. but gave me message of: Your computer is in danger and you are unsecure user and some of them say this message: "IF YOU ARE RECIEVE THIS MESSGE, THEN YORU COMPUTER IS LEAKING OUT YOUR IP ADDRESS AND OTHER INFORMATION ABOUT YOU ON THE INTERNET THROUGH YOUR ITBERNET ACCOUNT. ***NOW THIS IS WHAT I NEED HELP IN************** "How do I stop getting this message services in order to have some peace? For they are killing me slowly with these types of services I do not want for it has gotten to where it is making me ill. I am a person who is already sick or lame and I cannot take anymore attacks of these REAL KILLER MESSAGE because it is every second or every other second, now this could lead to distress and
[quoted text, click to view]
"Moses and Elija" <Thesixthchchurch@aol.com> wrote in message news:09fc01c3567b$45138860$a401280a@phx.gbl... > ***NOW THIS IS WHAT I NEED HELP IN************** > "How do I stop getting this message services in order to > have some peace? For they are killing me slowly with > these types of services I do not want for it has gotten > to where it is making me ill. I disabled mine. http://www.theeldergeek.com/messenger_service_popups.htm
You need a firewall. The messages themselves aren't harmful but they should
be considered a warning. There are many free firewalls on the market, which include ZoneAlaram ( www.zonealarm.com ) and Sygate ( www.sygate.com ) -- --Jonathan Maltz [Microsoft MVP - Windows Server] http://www.imbored.biz - A Windows Server 2003 visual, step-by-step tutorial site :-) Only reply by newsgroup. If I see an email I didn't ask for, it will be deleted without reading. [quoted text, click to view] "Moses and Elija" <Thesixthchchurch@aol.com> wrote in message news:09fc01c3567b$45138860$a401280a@phx.gbl... > *******GREETINGS************** > We are writing to tell you about the problems of "Abuse" > with their Message Service> I didn't mind before or when > I first started recieve these messages because I didn't > know what it was. I didn't know what popup message was.. > but gave me message of: Your computer is in danger and > you are unsecure user and some of them say this message: > "IF YOU ARE RECIEVE THIS MESSGE, THEN YORU COMPUTER IS > LEAKING OUT YOUR IP ADDRESS AND OTHER INFORMATION ABOUT > YOU ON THE INTERNET THROUGH YOUR ITBERNET ACCOUNT. > > ***NOW THIS IS WHAT I NEED HELP IN************** > "How do I stop getting this message services in order to > have some peace? For they are killing me slowly with > these types of services I do not want for it has gotten > to where it is making me ill. I am a person who is > already sick or lame and I cannot take anymore attacks of > these REAL KILLER MESSAGE because it is every second or > every other second, now this could lead to distress and > depression and anger first* I try with AOL
[quoted text, click to view]
"Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message news:uOkRKpsVDHA.2328@TK2MSFTNGP12.phx.gbl... > That's just hiding the messages, not the security breach. Install a > firewall, for your own sake I'm running IIS. I was under the impression that if a person was running IIS, the security was so robust that a firewall was redundant. Most firewalls don't automatically block messenger service popups, and not everyone knows how to configure their firewall so as to block NetBIOS ports 135, 137, 138. and 139. - Kathy
It's people like you with your lack of knowledge and
ignorance who cause the problems on the internet. Learn how to use it or pull the plug. [quoted text, click to view] >I'm running IIS. I was under the impression that if a
person was running >IIS, the security was so robust that a firewall was redundant. > >Most firewalls don't automatically block messenger service popups, and not >everyone knows how to configure their firewall so as to block NetBIOS ports >135, 137, 138. and 139. > >- Kathy > > >.
That's just hiding the messages, not the security breach. Install a
firewall, for your own sake -- --Jonathan Maltz [Microsoft MVP - Windows Server] http://www.imbored.biz - A Windows Server 2003 visual, step-by-step tutorial site :-) Only reply by newsgroup. If I see an email I didn't ask for, it will be deleted without reading. [quoted text, click to view] "Kathy" <msnews@btaw.com> wrote in message news:uzpHe6rVDHA.2224@TK2MSFTNGP09.phx.gbl... > "Moses and Elija" <Thesixthchchurch@aol.com> wrote in message > news:09fc01c3567b$45138860$a401280a@phx.gbl... > > ***NOW THIS IS WHAT I NEED HELP IN************** > > "How do I stop getting this message services in order to > > have some peace? For they are killing me slowly with > > these types of services I do not want for it has gotten > > to where it is making me ill. > > I disabled mine. > http://www.theeldergeek.com/messenger_service_popups.htm > >
There is more to the computer than IIS. And for the record, most do block
NetBIOS traffic by default, or at least filter it. -- --Jonathan Maltz [Microsoft MVP - Windows Server] http://www.imbored.biz - A Windows Server 2003 visual, step-by-step tutorial site :-) Only reply by newsgroup. If I see an email I didn't ask for, it will be deleted without reading. [quoted text, click to view] "Kathy" <msnews@btaw.com> wrote in message news:OJT3FxsVDHA.2352@TK2MSFTNGP12.phx.gbl... > "Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message > news:uOkRKpsVDHA.2328@TK2MSFTNGP12.phx.gbl... > > That's just hiding the messages, not the security breach. Install a > > firewall, for your own sake > > I'm running IIS. I was under the impression that if a person was running > IIS, the security was so robust that a firewall was redundant. > > Most firewalls don't automatically block messenger service popups, and not > everyone knows how to configure their firewall so as to block NetBIOS ports > 135, 137, 138. and 139. > > - Kathy > >
Jonathan:
How many computers do you have at the house? I've only got one, so I just installed it on the one. But, if I need more patches, I get them in my mvp mail account daily! But, I do have 6 telephones! ;-) -- ----- Tom Pepper Willett Microsoft MVP - FrontPage ---- [quoted text, click to view] "Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message news:uQU73XuVDHA.2488@TK2MSFTNGP09.phx.gbl... > Kathy: > > You've got a good sense of humor but a bad way of using it. Try making it > obvious that you're joking with us so it won't be taken so.....literally ;-) > > BTW - I installed that patch on every computer in my house, glad to know I'm > up to date <g> > > -- > --Jonathan Maltz [Microsoft MVP - Windows Server] > http://www.imbored.biz - A Windows Server 2003 visual, step-by-step > tutorial site :-) > Only reply by newsgroup. If I see an email I didn't ask for, it will be > deleted without reading. > > > "Kathy" <rrnews@btaw.com> wrote in message > news:e1WVa.24978$Vp.1100988@twister.socal.rr.com... > > "Apalled" <Apalled@Apalled.com> wrote in message > > news:01fc01c356d6$0a48f750$a601280a@phx.gbl... > > > It's people like you with your lack of knowledge and > > > ignorance who cause the problems on the internet. Learn > > > how to use it or pull the plug. > > > > I'm truly sorry, I didn't realize I was causing all those problems on the > > internet. > > > > But I think I fixed all my problems this morning when I installed that > > Microsoft patch that came in my email, so now I'm good to go. > > > > - Kathy > > > > > >
Kathy:
You've got a good sense of humor but a bad way of using it. Try making it obvious that you're joking with us so it won't be taken so.....literally ;-) BTW - I installed that patch on every computer in my house, glad to know I'm up to date <g> -- --Jonathan Maltz [Microsoft MVP - Windows Server] http://www.imbored.biz - A Windows Server 2003 visual, step-by-step tutorial site :-) Only reply by newsgroup. If I see an email I didn't ask for, it will be deleted without reading. [quoted text, click to view] "Kathy" <rrnews@btaw.com> wrote in message news:e1WVa.24978$Vp.1100988@twister.socal.rr.com... > "Apalled" <Apalled@Apalled.com> wrote in message > news:01fc01c356d6$0a48f750$a601280a@phx.gbl... > > It's people like you with your lack of knowledge and > > ignorance who cause the problems on the internet. Learn > > how to use it or pull the plug. > > I'm truly sorry, I didn't realize I was causing all those problems on the > internet. > > But I think I fixed all my problems this morning when I installed that > Microsoft patch that came in my email, so now I'm good to go. > > - Kathy > >
Don't go unplugging any cables, you're no source of problems on the
internet. Unfortunately, I can't think of anything with your ASP.NET problems (except maybe some NTFS permissions). Oh, and by the way - Some people (the messenger service ones) come and post to this group because it has ".security" in it. Some have never even used IIS and/or ASP -- --Jonathan Maltz [Microsoft MVP - Windows Server] http://www.imbored.biz - A Windows Server 2003 visual, step-by-step tutorial site :-) Only reply by newsgroup. If I see an email I didn't ask for, it will be deleted without reading. [quoted text, click to view] "Kathy" <rrnews@btaw.com> wrote in message news:1IYVa.24990$Vp.1109133@twister.socal.rr.com... > "Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message > news:uQU73XuVDHA.2488@TK2MSFTNGP09.phx.gbl... > > You've got a good sense of humor but a bad way of using it. Try making it > > obvious that you're joking with us so it won't be taken so.....literally > ;-) > > I'll try to be less sarcastic. I guess it was the suggestion that I get a > firewall that got me started, kind of like suggesting to me that I not hit > myself in the head with a hammer or that I look both ways before crossing > the street or that I not run with scissors. > > I guess I assumed (incorrectly, perhaps) that people posting questions in an > IIS security ng were perhaps administrating web servers and/or writing asp > applications and were past the "you should be using a firewall" state. > > Now, I'd be delighted if one of you could help me with my "real" problem-- > the recent appearance of 2 authentication dialogs when trying to open ASPX > pages on my client's website. ASP pages only see the first authentication > dialog. It obviously has something to do with using basic authentication in > a web application that uses ASP pages _and_ .NET, but I don't have any idea > where to begin on that one. > > Or maybe someone knows of a more appropriate ng for my question? I posted > also on microsoft.public.dotnet.framework.aspnet.security, and although > nobody there has accused my ignorance and severe lack of knowledge of being > the major source of problems on the internet, neither has anyone answered my > question. > > I have googled, and looked in MSDN, either I am suffering from that severe > lack of knowledge I was accused of, or I don't know how to ask the question, > or I really _am_ the cause of all the problems on the internet and I ought > to unplug my network cable. > > (sigh) > > - Kathy > > > > > BTW - I installed that patch on every computer in my house, glad to know > I'm > > up to date <g> > > >
[quoted text, click to view]
"Apalled" <Apalled@Apalled.com> wrote in message news:01fc01c356d6$0a48f750$a601280a@phx.gbl... > It's people like you with your lack of knowledge and > ignorance who cause the problems on the internet. Learn > how to use it or pull the plug. I'm truly sorry, I didn't realize I was causing all those problems on the internet. But I think I fixed all my problems this morning when I installed that Microsoft patch that came in my email, so now I'm good to go. - Kathy
[quoted text, click to view]
"Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message ;-)news:uQU73XuVDHA.2488@TK2MSFTNGP09.phx.gbl... > You've got a good sense of humor but a bad way of using it. Try making it > obvious that you're joking with us so it won't be taken so.....literally I'll try to be less sarcastic. I guess it was the suggestion that I get a firewall that got me started, kind of like suggesting to me that I not hit myself in the head with a hammer or that I look both ways before crossing the street or that I not run with scissors. I guess I assumed (incorrectly, perhaps) that people posting questions in an IIS security ng were perhaps administrating web servers and/or writing asp applications and were past the "you should be using a firewall" state. Now, I'd be delighted if one of you could help me with my "real" problem-- the recent appearance of 2 authentication dialogs when trying to open ASPX pages on my client's website. ASP pages only see the first authentication dialog. It obviously has something to do with using basic authentication in a web application that uses ASP pages _and_ .NET, but I don't have any idea where to begin on that one. Or maybe someone knows of a more appropriate ng for my question? I posted also on microsoft.public.dotnet.framework.aspnet.security, and although nobody there has accused my ignorance and severe lack of knowledge of being the major source of problems on the internet, neither has anyone answered my question. I have googled, and looked in MSDN, either I am suffering from that severe lack of knowledge I was accused of, or I don't know how to ask the question, or I really _am_ the cause of all the problems on the internet and I ought to unplug my network cable. (sigh) - Kathy [quoted text, click to view] > > BTW - I installed that patch on every computer in my house, glad to know I'm > up to date <g>
Basic authentication is pretty straight forward. If the server requests
Basic authentication and the request has the magic Authorization: Basic header, it's allowed access (after the ACL checks out). Else, it's denied access. Presence of the authentication dialog mainly indicates that the browser received a 401 response and after a couple of authentication attempts (this is configurable in IE), it failed to auto-negotiate credentials for you. The particular type of 401 (IIS has five predefined types) determines what you should do to address the situation. Based on what I've said, there are several ways to troubleshoot this: 1. Make sure the client is auto-negotiating credentials for you (since most users expect this). IE turns off auto-negotiating for Internet sites, and all this is Configurable, so you need to see what you've got configured. 2. If you get 401.1, it means logon failed. If you hit cancel on the dialog boxes, you get Access Denied. Check your domain/username/password. 3. If you get 401.3, it means you logged on correctly, but your credentials didn't have access. Check your ACLs on the resource 4. If you get 401.4, some ISAPI filter installed on the server rejected you access for arbitrary reason 5. If you get 401.5, the application itself denied you access. Check your ACLs on the resource and on the Application DLL/Script. On IIS6, the sub status codes are logged. They are not logged on prior IIS versions, so you'll need to access the 401 responses to see what it is (use a network sniffer). -- //David This posting is provided "AS IS" with no warranties, and confers no rights. // [quoted text, click to view] "Kathy" <rrnews@btaw.com> wrote in message ;-)news:1IYVa.24990$Vp.1109133@twister.socal.rr.com... "Jonathan Maltz [MS-MVP]" <jmaltz@mvps.org> wrote in message news:uQU73XuVDHA.2488@TK2MSFTNGP09.phx.gbl... > You've got a good sense of humor but a bad way of using it. Try making it > obvious that you're joking with us so it won't be taken so.....literally I'll try to be less sarcastic. I guess it was the suggestion that I get a firewall that got me started, kind of like suggesting to me that I not hit myself in the head with a hammer or that I look both ways before crossing the street or that I not run with scissors. I guess I assumed (incorrectly, perhaps) that people posting questions in an IIS security ng were perhaps administrating web servers and/or writing asp applications and were past the "you should be using a firewall" state. Now, I'd be delighted if one of you could help me with my "real" problem-- the recent appearance of 2 authentication dialogs when trying to open ASPX pages on my client's website. ASP pages only see the first authentication dialog. It obviously has something to do with using basic authentication in a web application that uses ASP pages _and_ .NET, but I don't have any idea where to begin on that one. Or maybe someone knows of a more appropriate ng for my question? I posted also on microsoft.public.dotnet.framework.aspnet.security, and although nobody there has accused my ignorance and severe lack of knowledge of being the major source of problems on the internet, neither has anyone answered my question. I have googled, and looked in MSDN, either I am suffering from that severe lack of knowledge I was accused of, or I don't know how to ask the question, or I really _am_ the cause of all the problems on the internet and I ought to unplug my network cable. (sigh) - Kathy [quoted text, click to view] > > BTW - I installed that patch on every computer in my house, glad to know I'm > up to date <g>
[quoted text, click to view]
"David Wang [Msft]" <someone@online.microsoft.com> wrote in message news:O5O8$z9VDHA.2032@TK2MSFTNGP11.phx.gbl... > Based on what I've said, there are several ways to troubleshoot this: > 1. Make sure the client is auto-negotiating credentials for you (since most > users expect this). IE turns off auto-negotiating for Internet sites, and > all this is Configurable, so you need to see what you've got configured. > 2. If you get 401.1, it means logon failed. If you hit cancel on the dialog > boxes, you get Access Denied. Check your domain/username/password. > 3. If you get 401.3, it means you logged on correctly, but your credentials > didn't have access. Check your ACLs on the resource > 4. If you get 401.4, some ISAPI filter installed on the server rejected you > access for arbitrary reason > 5. If you get 401.5, the application itself denied you access. Check your > ACLs on the resource and on the Application DLL/Script. Thanks for the information on all the error codes, that will come in handy. I actually figured out what the problem was a couple of hours ago. The message was coming up for a form recently added to the project by someone else. They used some third-party data access components in the form, and those components had their own configuration settings. I used ISM to set basic access for the entire web application, and we turned off authentication for .NET in web.config. I wasn't aware of the third configuration file for the controls, that file was set to use integrated Windows authentication. When I disabled that, everything worked as it was supposed to. Thanks, Kathy
Don't see what you're looking for? Try a search.
|
June 2003
July 2003
August 2003
September 2003
October 2003
November 2003
December 2003
January 2004
February 2004
March 2004
April 2004
May 2004
June 2004
July 2004
August 2004
September 2004
October 2004
November 2004
December 2004
January 2005
February 2005
March 2005
April 2005
May 2005
June 2005
July 2005
August 2005
September 2005
October 2005
November 2005
December 2005
January 2006
February 2006
March 2006
April 2006
May 2006
June 2006
July 2006
August 2006
September 2006
October 2006
November 2006
December 2006
January 2007
February 2007
March 2007
April 2007
May 2007
June 2007
July 2007
August 2007
September 2007
October 2007
November 2007
December 2007
January 2008
February 2008
March 2008
April 2008
| home · blog · groups | Questions? Comments? Contact the dn |