quote:
Originally posted by segosa
For starters, everything is routed THROUGH the messenger servers UNLESS you have "allow msn messenger to connect directly to your contacts" (though don't know if this option is there anymore)
No this option isn't there any more for two reasons;
1) MS didn't want a ton of bandwidth being sent through their servers
2) Ip2Ip transfers are generally quicker, so it was switched to this.
This is enabled by default and there is no option to change it. If you go to the Main Messenger Window > Tools > Options > Connection, you can see if you are connected directly to the .NET Messenger Service. If you are this means you have either a direct connection to the internet, or one that is through a uPnP router\NAT. If it is direct all connections made (like file transfers, audio and video chat) are sent directly to your contact, and this means if any of these connections are made they can get your IP address.
quote:
Originally posted by segosa
"if you have no firewall or protection of some sort he can get in"
Bullshit.
It is true that most of the time having a decent firewall up and running will not help if you're already infected, but it really depends on a hackers method of exploiting users. For example some firewalls are designed to block remote attempts to connect to trojans using advanced detection, even if you have allowed the infected program to use the internet.
Also in the case of vulnerable windows programs, firewalls can help block attempts to remotely connect to software by closing and hiding ports and blocking attempts to connect that are obviously malicious.
Firewalls can help, but if the method of exploiting your computer was advanced enough and taken care of, then it won't be of much use.
Edit: Why don't you just find the address out of the person who sent it and report it to MSN support?
/ 
![[Image: anubis5hq.png]](http://img70.imageshack.us/img70/1078/anubis5hq.png)
