[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 254
  • Last Modified:

Net Messages

Hi Guys,
   Is there any utility to spy on WinPopup messages being sent around the LAN?  Somehow peek at them then let them continue on.

Also, is there a way to stop incomming popup messages?  I've stopped it once but I can't remember how to do it again.
I'm using NT4 sp6.

Many Thanks
Woody.
0
WoodyJ007
Asked:
WoodyJ007
  • 5
  • 3
1 Solution
 
Droby10Commented:
you can use any network sniffer with a promiscuous network driver to spy on the messages...

to stop it locally, disable the local messaging service.
0
 
WoodyJ007Author Commented:
Whats the best tool for this job?  Free or shareware preferable.

Cheers
Woody.
0
 
Droby10Commented:
you'll first need a ndis driver (winpcap)
looks like the netgroup server is down...

here's a mirror
http://www.datanerds.net/~mike/netgroup-serv.polito.it/winpcap/


once you have that downloaded and installed, you can use any number of windows-based sniffers

  - windump also available from the same mirror
http://www.datanerds.net/~mike/netgroup-serv.polito.it/windump/

  - ethereal
http://packetstorm.securify.com/sniffers/ethereal/ethereal-0.8.5.tar.gz

  - sniffit (nt/2k sniffer)
http://packetstorm.securify.com/sniffers/sniffit/sniffit_NT.0.3.7.beta.zip

0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
WoodyJ007Author Commented:
Ok.  Thanks.

I'll try them out.  Will get back to you soon.
0
 
WoodyJ007Author Commented:
They all seem very complex to use.  I just need to view the Winpopup messages that are being sent around the LAN.

Woody.
0
 
Droby10Commented:
yeah, you'll get a lot of garbage with a sniffer...
you should be able to set a filter so that you're only monitoring traffic on the nbt ports 135-139...(i think the sequence goes udp 137 for a lookup and then tcp 139 for the actual message...but i could be wrong)...
0
 
WoodyJ007Author Commented:
I've tried peeking at the packets as they come in but I can't see the text in there anywhere.
0
 
WoodyJ007Author Commented:
Thanks for the help.  Didn't manage to do it in the end but I did learn some other cool stuff.

Thanks
Woody.
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now