Link to home
Start Free TrialLog in
Avatar of TePukeHighSchool
TePukeHighSchool

asked on

NET SEND MONITORING

Hi Guys
I have a situation where the students use NET SEND possibly off their flash drives with a bat file to broadcast messages, I have disabled Messenger in the services across the network under the computer level in GP, but the messgaes still get through and display on a printer monitor program we run called P-counter. I have looked into the P counter but this program really needs Net send to run properly, The next best thing is to get a good monitoring program, that will allow me to get the exact IP address of the computer when and where the message comes from. Any ideas on a good monitoring program?


Clint
ASKER CERTIFIED SOLUTION
Avatar of thecomputerdocs
thecomputerdocs
Flag of United States of America image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Cro0707
Cro0707
Flag of Croatia image
Open computer managment (Right click on my computer, choose Manage). Click Action|Connect to another computer... Type computer name which receive popup messages and connect to this computer. Now open Event Log and point to System Logs. Each popup message is recorded in Log. Source column will be "Application popup", with this in content:

Application popup: Messenger Service  : Message from COMPUTERNAME1 to COMPUTERNAME2 on 10/17/2007 10:46:16 AM

OK this is if some program receive popups. Messanger service needs Messanger service to be runned on both machines in order to work. So if you disable Messanger service on workstations that students use, they will be unable to send messages to other computers. Other computers can have messanger service in run state.

Hope this help!!!
Avatar of TePukeHighSchool
TePukeHighSchool

ASKER

Messenger service was disabled, the message was coming through the green pyramid of the client program of P Counter, no there is nothing in the logs I checked, it was broadcasted across the whole network.
Avatar of thecomputerdocs
thecomputerdocs
Flag of United States of America image
If you want to find out where who's sending the message, perhaps you can use the windows network monitor to "sniff" the source of the message?
Avatar of giltjr
giltjr
Flag of United States of America image
You could install something like wireshark (http://www.wireshark.com)  to do a packet capture.  Set it up to just listen for the port that net send uses and only capture the first 128 bytes or so of the packet.