Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- From: Marbles <Marbles@xxxxxxxxxxxxxxxxxxxxxxxxx>
- Date: Sat, 22 Mar 2008 10:37:02 -0700
Hello Fellas
GRC is a beginning source of security. Yes there are many sources of info on
the net that can give you detailed info on security. Starting at Microsoft
web site.Lots of resources on and making adjustments to you OS.
Does you router have the ability to detect programs that access the net and
also prevent programs access as well ?
....If not or If so
A simplified scenario for your Router
In XP svchost by default accesses the net. DHCP service is just one service
that is launched through the svchost process. Firewalls recognize this to be
a legit process and no blocking is performed unless you specifically block
svchost.
What ever service that is using svhost as a launch point will all ready have
access. A legit process or a naughty program that incorporates its process to
part of the svchost.
Then if a nasty service some how got on your Operating System. Launching it
self through Svchost. Your router has just been compromised by this rogue
svhost service.
Router 99.98% ..why you ask?? 100% perfection to infinity is where we all
fall short including technology.
Allan has the correct approach in how to contructively learn and make
adjustments to propel his learning process further.
An interesting discussion have a good weekend fellas !
"Allan" wrote:
.
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:eY0Kwl6iIHA.1184@xxxxxxxxxxxxxxxxxxxxxxx
My last feedback -- don't rely on information on GRC, the scare monger.Dave, I don't know if you are aware of the tweak to disable NetBios without
Gibson made his money selling a program to change the interleave of
MFM/RLL drives when
there were free alternatives.
Gibson is not an authorative source for INFOSEC related information.
And yes, my BEFSRxx, with ports specifically being blocked, is 100%
reliable.
--
Dave
editing the Registry :
http://security.symantec.com/sscv6/NetBIOS_FAQ.asp?langid=ie&venid=sym&plfid=23&pkj=VRZCCSCEFRQBCBZLSRZ
I checked my services and I already had COM+ Sys App service disabled; I
believe most users with standalone PC's can safely disable this service.
(That is, even without disabling DCOM as per the OP's instructions).
Even after you disable NetBios as per the instructions on the Symantec
website, you cannot disable the NetBios service; it is still needed for
connectivity for some reason. You would still need to block ports 135-138 in
your router after making this tweak.
--
Allan
- Follow-Ups:
- Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- From: David H. Lipman
- Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- From: Bruce Chambers
- Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- References:
- Tech Tip: This is how You Disable Dcom & close Down Port 135
- From: Marbles
- Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- From: David H. Lipman
- Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- From: David H. Lipman
- Tech Tip: This is how You Disable Dcom & close Down Port 135
- Prev by Date: Re: Event log fills up with Failure Audit events (XP-Pro)
- Next by Date: Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- Previous by thread: Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- Next by thread: Re: Tech Tip: This is how You Disable Dcom & close Down Port 135
- Index(es):
Relevant Pages
|
|
