Re: DCOM

From: Karl Levinson, mvp (levinson_k_at_despammed.com)
Date: 06/04/05

• Next message: Karl Levinson, mvp: "Re: list of essential xp start up menu items"
• Previous message: David H. Lipman: "Re: unable to remove program"
• In reply to: Dan: "DCOM"
• Next in thread: Dan: "Re: DCOM"
• Reply: Dan: "Re: DCOM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Date: Fri, 3 Jun 2005 23:18:42 -0400

"Dan" <Dan@discussions.microsoft.com> wrote in message
news:068AF04B-D29D-496C-8A73-443393570E91@microsoft.com...
> Is it necessary to disable DCOM with XP SP 2? And when I do will I be able
to
> stealth port 135 with a firewall?

You can stealth 135 with a firewall right now, whether or not you disable
DCOM, and XP SP2 has little to do with either one. Disabling DCOM doesn't
change the fact that TCP and UDP ports 135 are listening, as those ports are
used by RPC and not DCOM. [You can access DCOM via RPC and 135, but DCOM is
just one of the ports that use the RPC endpoint mapper.]

Stealthing a port is highly overrated. An attacker will usually know there
is a computer there and be able to gain information from the responses or
lack thereof. What the firewall is really useful for in this case is
controlling what IP addresses can access your TCP and UDP ports 135. For
example, you can allow computers on your local network to access those ports
while denying access to systems on the Internet from accessing it.

XP SP2 is highly recommended as it increases your security in a significant
number of ways. Free firewalls include www.kerio.com, www.sygate.com and
www.zonealarm.com The Windows firewall that comes with Windows XP is good
enough for most novice home users, but has a different feature set from
those other firewalls.

---

• Next message: Karl Levinson, mvp: "Re: list of essential xp start up menu items"
• Previous message: David H. Lipman: "Re: unable to remove program"
• In reply to: Dan: "DCOM"
• Next in thread: Dan: "Re: DCOM"
• Reply: Dan: "Re: DCOM"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

---

Relevant Pages Re: New stealth test in Pc-flank ... firewall is absolutely absurd. ... you what ports they're using. ... something's from local network, as can stand-alone desktops with a firewall ... Again the never ending stupid stealth stuff. ... (comp.security.firewalls) Re: NIS 2002 upgraded to 2003, Stealth ports?? ... >from Symantec or GRC they both say the ports are closed and not stealth ... >and I should check my firewall settings! ... >I even tried to install NIS 2003 on a clean install of Winxp and it does ... (comp.security.firewalls) Re: Someone is Scanning my computer ... You don't really need to worry about the actual scan. ... there's no need to worry as you run a firewall. ... if I have this STEALTH classification.. ... Ports Closed ... (microsoft.public.windowsxp.basics) Re: OT: Best Antivirus? ... especially on a port with some known vulnerability. ... to the target host and wasn't intercepted and dropped by the firewall. ... find open ports. ... a "stealth" firewall, still provides little hope of finding any open ports ... (rec.autos.sport.f1) Re: OT: Best Antivirus? ... to the target host and wasn't intercepted and dropped by the firewall. ... find open ports. ... a "stealth" firewall, still provides little hope of finding any open ports ... But if there was no telnet service running in the first place where would the vulnerability come from? ... (rec.autos.sport.f1)

---

We are proud to have Web Hosting and Rack Housing from 9 Net Avenue Deutschland.
(14)