
Alerter and Messenger Services
The Windows NT alerter and messenger services enable a user to send pop-up
messages to other users. A network administrator may consider this an unnecessary
risk due to the fact that these types of services have been known to be used
in social engineering attacks. Some users might actually respond to a request
to change their password, create a share, or otherwise open holes in the
network. A side effect of running this service is that it causes the name of the
current user to be broadcast in the NetBIOS name table, which gives the attacker a
valid user name to use in brute force attempts.
Risk: Low
OS Vulnerable: Windows NT
Fix: Open Control Panel, Services and disable the Alerter and Messenger services.