Re: DCOM

From: Dan (Dan_at_discussions.microsoft.com)
Date: 06/04/05


Date: Sat, 4 Jun 2005 06:39:11 -0700

So you're saying there's no point to disable DCOM as long as I know what IP
address to allow and deny access to port 135 with my firewall.

And you're saying stealthing port 135 is overrated.

"Karl Levinson, mvp" wrote:

>
> "Dan" <Dan@discussions.microsoft.com> wrote in message
> news:068AF04B-D29D-496C-8A73-443393570E91@microsoft.com...
> > Is it necessary to disable DCOM with XP SP 2? And when I do will I be able
> to
> > stealth port 135 with a firewall?
>
> You can stealth 135 with a firewall right now, whether or not you disable
> DCOM, and XP SP2 has little to do with either one. Disabling DCOM doesn't
> change the fact that TCP and UDP ports 135 are listening, as those ports are
> used by RPC and not DCOM. [You can access DCOM via RPC and 135, but DCOM is
> just one of the ports that use the RPC endpoint mapper.]
>
> Stealthing a port is highly overrated. An attacker will usually know there
> is a computer there and be able to gain information from the responses or
> lack thereof. What the firewall is really useful for in this case is
> controlling what IP addresses can access your TCP and UDP ports 135. For
> example, you can allow computers on your local network to access those ports
> while denying access to systems on the Internet from accessing it.
>
> XP SP2 is highly recommended as it increases your security in a significant
> number of ways. Free firewalls include www.kerio.com, www.sygate.com and
> www.zonealarm.com The Windows firewall that comes with Windows XP is good
> enough for most novice home users, but has a different feature set from
> those other firewalls.
>
>
>



Relevant Pages

  • Re: Root exploit for FreeBSD
    ... for two ports to my FreeBSD portscluster nodes. ... and it gives the firewall ... US this is also quite common, at least with regards to University ... if your computer is going to connect on our network it must be configured in certain ways and behave "normally" or you won't get a connection. ...
    (freebsd-questions)
  • Re: Root exploit for FreeBSD
    ... for two ports to my FreeBSD portscluster nodes. ... and it gives the firewall ... US this is also quite common, at least with regards to University ... if your computer is going to connect on our network it must be configured in certain ways and behave "normally" or you won't get a connection. ...
    (freebsd-current)
  • Re: Trouble accessing Outlook Web Access from behind firewall
    ... When starting the firewall I also set ... > rejected and dropped packets are logged, however I see nothing in my log ... > # Higher ports needed to accept incoming/outgoing calls ...
    (comp.security.firewalls)
  • Re: iptables configuration
    ... >> that if a 'virus/trojan' initiated a connection to the net, the firewall ... >> would not protect the LAN. ... The LAN is NATed with private IPs to one public IP. ... the ports that are used by services running on linux. ...
    (comp.os.linux.security)
  • Re: Norton Personal Firewall 2003
    ... |> First thing I would do is put the GRC test site into the Exclusions ... | ports they will not get the same result being in my blocklist, ... the firewall checks unsolicited inbound communications attempts. ...
    (comp.security.firewalls)