Re: RPC/DCOM

Tech-Archive recommends: Repair Windows Errors & Optimize Windows Performance

From: Benny (anonymous_at_discussions.microsoft.com)
Date: 09/20/04 

Date: Sun, 19 Sep 2004 19:36:58 -0700

Hi again,
I had the Shields Up test a week ago and they said this
amongst other things:
Your system has achieved a perfect "TruStealth" rating.
Not a single packet - solicited or otherwise - was
received from your system as a result of our security
probing tests. Your system ignored and refused to reply
to repeated Pings (ICMP Echo Requests). From the
standpoint of the passing probes of any hacker, this
machine does not exist on the Internet. Some questionable
personal security systems expose their users by
attempting to "counter-probe the prober", thus revealing
themselves. But your system wisely remained silent in
every way. Very nice.
Unable to connect with NetBIOS to your computer.
All attempts to get any information from your computer
have FAILED. (This is very uncommon for a Windows
networking-based PC.) Relative to vulnerabilities from
Windows networking, this computer appears to be VERY
SECURE since it is NOT exposing ANY of its internal
NetBIOS networking protocol over the Internet.

Benny
>-----Original Message-----
>Nasty and recurring ;-)
>
>Please read the following vulnerability patch statements
addressed by Microsoft Security
>Bulletin MS04-012 - KB828741
>
>http://support.microsoft.com/default.aspx?scid=kb;en-
us;828741 and finally
>http://www.microsoft.com/technet/security/bulletin/ms04-
012.mspx
>
>Basically, based upon multiple vulnerabilities in
Microsoft's implementation of the Remote
>Procedure Call/ Distributed Communications Internet
worms have exploited the vulnerabilities
>and have infected 100's of thousands of computers. The
most notable of the Internet worms
>that exploited the RPC/DCOM vulnerabilities via TCP port
135 is the Lovsan/Blaster worm that
>reeked havoc a little over one year ago.
>
>Dave
>
>
>
>
>
>"Benny" <anonymous@discussions.microsoft.com> wrote in
message
>news:297a01c49eb5$43eed010$a301280a@phx.gbl...
>| Hi,
>| Anyone know what the Buffer Overflow vulnerabilities in
>| RPC/DCOM in WinXP are?
>| Benny
>
>
>.
>

Relevant Pages

  • [NEWS] Worms Wreak Havoc on the Net in 03
    ... A rash of fast-spreading worms is being blamed for a more than ... The number of confirmed attacks ... according to a new report released by Internet Security ... vulnerabilities discovered during the first quarter. ...
    (alt.computer.security)
  • [NEWS] Worms Wreak Havoc on the Net in 03
    ... A rash of fast-spreading worms is being blamed for a more than ... The number of confirmed attacks ... according to a new report released by Internet Security ... vulnerabilities discovered during the first quarter. ...
    (comp.security.misc)
  • Re: [fw-wiz] Stats on how common NAT is?
    ... > companies over the years that have used NAT as Bill Royd's ... any network topology, which connects to the Internet, IMHO. ... vulnerabilities, threats and attacks across several redundant ... balance vulnerabilities, threats and attacks with risks, ...
    (Firewall-Wizards)
  • Re: Windows XP SP2 Elaborate Please
    ... They keep saying vulnerabilities, but to whom. ... I think if your smart enough not to enter untrusted web sites, and you don't accept e-mails from people you don't know, isn't that enough. ... In "Engrish" that's exactly what it means: When connected to the Internet and even not connected to the Internet there are several vectors of attack that a malicious application / user may take to either enumerate information, take control, use as a bouncing point and the list goes on... ... The best thing to realize and understand is that no computer that is connected to the Internet, a network etc...is 100% safe. ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Vulnerable Internet Explorer
    ... How to disable the ADODB.Stream object from Internet Explorer ... Critical Update for Microsoft Data Access Components - Disable ADODB.Stream ... PCs - and switching to another web browser, ... possible to reduce exposure to these vulnerabilities by ...
    (microsoft.public.windows.inetexplorer.ie6.browser)