Home page logo
/

basics logo Security Basics mailing list archives

RE: RPC ports on Win2k
From: "Jones, Steve" <sjones () LMIT com>
Date: Tue, 25 Nov 2003 13:55:47 -0600

Disabling RPC will kill a mass of things.  Go ahead and disable RPC on your
system and you'll see what I'm talking about.  But have fun fixing it.

You are correct in saying that there is no DCOM service (by this, I'm
assuming you mean there is no listing under services with a cute little
point and click to disable).  However, if you change the value of
HKLM\Software\Microsoft\OLE\EnableDCOM to N, DCOM will be disabled after a
reboot.  This change is good for all of the effected OS's, but should only
be used in a home environment.

And to answer the original question.

RPC can use multiple ports, mainly 135 and 139.  If you aren't blocking
these from external sources already - you're crazy and someone else probably
owns your network.  Blocking these ports internally is a bad idea, since
many other windows functions rely on these ports.  

-Steve


-----Original Message-----
From: Chris Berry [mailto:compjma () hotmail com] 
Sent: Tuesday, November 25, 2003 1:35 PM
To: sjones () LMIT com
Subject: RE: RPC ports on Win2k

From: "Jones, Steve" <sjones () LMIT com>
You'd be much better off disabling DCOM instead of the RPC service.

I've since looked at black viper's page and determined that disabling RPC 
would also kill file and print sharing *rolling my eyes*.  As far as I know,

there is no DCOM service, so what are you talking about?

Chris Berry
compjma () hotmail com
Systems Administrator
JM Associates

"The ability to destroy a planet is insignificant next to the power of the 
Force." --Darth Vader

_________________________________________________________________
online games and music with a high-speed Internet connection!  Prices start 
at less than $1 a day average.  https://broadband.msn.com (Prices may vary 
by service area.)

---------------------------------------------------------------------------
----------------------------------------------------------------------------


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]