Full Disclosure mailing list archives
Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator?
From: Russell Fulton <r.fulton () auckland ac nz>
Date: Fri, 10 Oct 2003 06:51:38 +1300
On Fri, 2003-10-10 at 05:09, opticfiber wrote:
It's come to my attetion that disablinf DCOM in windows is near impossible without a regedit. Hopefully no one's already posted this to the list, if so my appologies for the redundancy. Steve Gibson from grc.com creates lots of tiny little applications to tighten up windows security. One of his latestest programs disables the DCOM service all together, no need for a patch. This might be a better option rather then just a patch, espcially for users who don't utilize this service. The tool can be found at the following URL: http://grc.com/dcom/
Disable DCOM by all means, but also apply the patch! I have seen numerous cases of where services have been disable to mitigate some security concern only to be re-enabled later (either by accident or deliberately) leaving the machine vulnerable. -- Russell Fulton, Network Security Officer, The University of Auckland, New Zealand. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- MS RPC remote exploit. Sudharsha Wijesinghe (Oct 09)
- Re: MS RPC remote exploit. Patrick Brauch (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? opticfiber (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Russell Fulton (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Vladimir Parkhaev (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? Patrick Brauch (Oct 09)
- Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator? opticfiber (Oct 09)
- Re: MS RPC remote exploit. Kilian CAVALOTTI (Oct 09)
- RE: MS RPC remote exploit. Nathan (Oct 09)
- Re: MS RPC remote exploit. Stephen (Oct 09)
- RE: [inbox] Re: MS RPC remote exploit. Curt Purdy (Oct 09)
- SV: MS RPC remote exploit. Peter Kruse (Oct 09)
- Re: SV: MS RPC remote exploit. Telefónica Deutschland (Oct 09)
- <Possible follow-ups>
- RE: MS RPC remote exploit. Trey Mujakporue/UK/Tesco (Oct 10)
- Re: MS RPC remote exploit. Patrick Brauch (Oct 09)