Windows optimize

Classic Tip: Prevent your users from talking to each other

Networks are supposed to foster communication, but sometimes you don't want users communicating TOO much. Here's a classic tip about how to stop NetWare users from messaging each other directly across a network. Doing so in Windows presents a challenge.

Networks are supposed to foster communication, but sometimes you don't want users communicating TOO much. Here's a classic tip about how to stop NetWare users from messaging each other directly across a network. Doing so in Windows presents a challenge.  -------------------------------------------------------------

Instant messaging is as common a form of business communication today as e-mail for many organizations. The ability to send messages directly from user to user is nothing new however. You've been able to do it within network operating systems almost from the beginning.

In some situations, you might not WANT your users to be able to talk to each other. In that case, you need to be able to shut off the operating system's native message feature.

From the TechMail Archives

In the 80s and 90s if you ran a network, you probably ran NetWare. This tip comes from TechRepublic's NetWare Tip TechMail dated 12/20/1999:

Today's NetWare Tip


Are your users sending messages to each other across the network? It happens a lot in a school environment, for example. If this is a problem within your network, you can reconfigure the client to disable the Send Message function.

If you're running one of the more recent Windows 95/98/NT NetWare clients, users are able to send messages by right-clicking the N icon on the taskbar and selecting Send Message. To disable this function, follow these steps from the Windows desktop:

1. Right-click the Network Neighborhood icon.

2. Double-click Novell NetWare Client.

3. Enter the Advanced Settings tab.

4. Select Graphical Interface from the Parameter Groups drop-down box.

5. Select Send Message.

6. Select Off from the Settings drop-down box.

7. Click OK to accept your changes.

The feature is now disabled. Consider adding Windows policies to restrict a user from going back into the client configuration and re-enabling the option.

Disabling messaging in a Windows world

In today's network environment, you may still have some NetWare servers running, but chances are you're in a Windows shop. You can, of course, disable Windows Messenger via Group Policy and prevent other IM clients from being installed. That's one way to keep users from talking to each other.

Unfortunately, they can also still send messages directly using the Net Send or MSG commands from a command prompt. These commands send messages in a method similar to the way NetWare did it above. The messages are routed directly to the target machine.

Net Send works with the Messenger service so you can turn it off by disabling the Messenger service on the system. The MSG.EXE program presents a different problem.

MSG.EXE is a replacement for Net Send that doesn't rely on the Messenger service. If you research it on the Web, you'll find lots of confusing information, some of it calling MSG.EXE a virus or worm. It's actually a Microsoft utility for sending messages across a network, but it can be hijacked for nefarious purposes.

The easiest way to prevent users from using it is to simply remove the MSG.EXE file from the workstation. I've tried to find other information about how to block MSG.EXE messages, but I haven't been successful, including blocking certain TCP/IP ports. I've tried everything short of deleting MSG.EXE, but it still works on my test machine. Does anyone have any ideas?< -->< -->< -->

John Sheesley - TechRepublic Pro
John Sheesley - TechRepublic Pro

In Classics Rock, I highlighted a tip from 1999 about how to keep NetWare users from messaging each other. Plus, I discussed how to disable Net Send in a Windows environment. Windows Vista however includes MSG.EXE which does the same thing, but not via the Messenger service like Net Send. Short of erasing MSG.EXE can anyone think to how to disable it or block message transmissions?


Before I learned of a more elegant way to block the evil ctfmon.exe, I used group policy's "Software Restriction Policies" feature to disable it throughout the LAN. Navigate to: Computer Configuration/Windows Settings/Software Restriction Policies/Additional Rules Right-click in the right-hand pane and choose "New Hash Rule." Browse to and select msg.exe. The "File hash" and "File information" fields will be filled out for you, leaving you to fill in the optional "Description." Leave the "Security level" drop-down at the default "Disallowed." Now anytime that a user or process attempts to run msg.exe, it will fail, and an entry will be written to the Application log in Event Viewer. This works great on all of those annoying startup processes that msconfig just can't seem to beat! =) One caveat is that if the software that is on your server is of a different version than that on your workstations (as occurred to me with ctfmon.exe), the hash will be different and the workstations will continue to happily run the offending code. A little rename, copy & paste before creating the new hash rule will get you around that, as would creating the hash rules locally on the workstations. HTH, JimmyJazz