Check or Attack Name: alerter

The alerter service was detected as running. The Windows NT alerter service lets a user send pop-up messages to other users.

A network administrator may consider this ability as an unnecessary risk because these types of services have been used in social engineering attacks. Some users may respond to a request to change their password, create a share, or otherwise open holes in the network. A side effect of running this service is that it causes the current user name to be broadcasted in the NetBIOS name table, giving an attacker a valid user name to use in brute force attempts.

Disable the Alerter service.

To disable the alerter service, follow these steps:

1. Open the Services control panel. From the Windows NT Start menu, select Settings, Control Panel, Services.
2. Select the Alerter service and click Stop.
3. To permanently disable the service, click Disabled.