|
Full Disclosure
mailing list archives
Re: [normal] Re: MS RPC remote exploit. What about DCOMbobulator?
From: Russell Fulton <r.fulton () auckland ac nz>
Date: Fri, 10 Oct 2003 06:51:38 +1300
On Fri, 2003-10-10 at 05:09, opticfiber wrote:
It's come to my attetion that disablinf DCOM in windows is near
impossible without a regedit. Hopefully no one's already posted this to
the list, if so my appologies for the redundancy. Steve Gibson from
grc.com creates lots of tiny little applications to tighten up windows
security. One of his latestest programs disables the DCOM service all
together, no need for a patch. This might be a better option rather then
just a patch, espcially for users who don't utilize this service. The
tool can be found at the following URL: http://grc.com/dcom/
Disable DCOM by all means, but also apply the patch! I have seen
numerous cases of where services have been disable to mitigate some
security concern only to be re-enabled later (either by accident or
deliberately) leaving the machine vulnerable.
--
Russell Fulton, Network Security Officer, The University of Auckland,
New Zealand.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
 By Date 
By Thread
Current thread:
|
Intro
