JSI Tip 6539. Your messenger service receives 'net send' messages from spammers on the Internet?

If you receive pop-up messages from off-network spammers, I know of two methods to prevent it:

1. You can close the following ports to outside traffic:

UDP ports 135, 137, and 138
TCP ports 135, 139, and 445
but the messenger service also uses an ephemeral port number greater than 1024.

NOTE: An ephemeral port is a short-lived port.

2. Use Local Security Policy, Domain Security Policy, and/or Domain Controller Security Policy to navigate to Local Policies / User Rights Assignment. Double-click Access this computer from the network and Remove or uncheck the right from the Everyone group and add it to the Authenticated Users security group. You can also use:

ntrights -r SeNetworkLogonRight -u Everyone \[-m \\<Computer or DC>\]
ntrights +r SeNetworkLogonRight -u "Authenticated Users" \[-m \\<Computer or DC>\]

Hide comments


  • Allowed HTML tags: <em> <strong> <blockquote> <br> <p>

Plain text

  • No HTML tags allowed.
  • Web page addresses and e-mail addresses turn into links automatically.
  • Lines and paragraphs break automatically.