Re: Tech Tip: This is how You Disable Dcom & close Down Port 135

From: "Marbles" <Marbles@xxxxxxxxxxxxxxxxxxxxxxxxx>

| Hello Fellas
|
| GRC is a beginning source of security. Yes there are many sources of info on
| the net that can give you detailed info on security. Starting at Microsoft
| web site.Lots of resources on and making adjustments to you OS.
|
| Does you router have the ability to detect programs that access the net and
| also prevent programs access as well ?
|
| ...If not or If so
|
| A simplified scenario for your Router
|
| In XP svchost by default accesses the net. DHCP service is just one service
| that is launched through the svchost process. Firewalls recognize this to be
| a legit process and no blocking is performed unless you specifically block
| svchost.
|
| What ever service that is using svhost as a launch point will all ready have
| access. A legit process or a naughty program that incorporates its process to
| part of the svchost.
|
| Then if a nasty service some how got on your Operating System. Launching it
| self through Svchost. Your router has just been compromised by this rogue
| svhost service.
|
| Router 99.98% ..why you ask?? 100% perfection to infinity is where we all
| fall short including technology.
|
| Allan has the correct approach in how to contructively learn and make
| adjustments to propel his learning process further.
|
| An interesting discussion have a good weekend fellas !
|

The problem with that scenerio, you are already infected. I am more interested in keeping
hackers and I-worms (and some exploitation Trojans) from getting in.

Safe Hex is the *best* protection backed up by anti virus software.

The Router can't be "compramised". It can not be accessed from the WAN side and it runs
from ROM.

I don't believe in "tweaking" the OS. I believe in border protection and won't use software
based FireWall applications.

Tweaking the OS can have negative side effects as in breaking various OS communication
constructs.

Yes... This is a good discussion. :-)


--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp


.