Re: Tech Tip: This is how You Disable Dcom & close Down Port 135



From: "Marbles" <Marbles@xxxxxxxxxxxxxxxxxxxxxxxxx>

| Not necessarily that a computer has to be infected. All it takes is an
| exploitation of the svchost process.
|
| Routers are vulnerable. Proof that Cisco, one of the largest networking
| suppliers, had a router compromised. If Cisco had an exploitation of a
| router, then certainly Linksys, Dlink or any other router are vulnerable... it's
| a thing called time & exploitation. Or a matter of time before some brainiac
| discovers another exploitation of a router.
|
| *******************************************************
| The following link is presented for the purpose of evidence that Routers can
| be compromised. This information intent is for evidence and not the purpose
| to lead others to do such acts of a malicious nature**
|
| ********************************************************
| Cisco Router Exploitation
|
| ********** http://antionline.com/showthread.php?t=197482 **********
|
| *********************************************************
|
| Yes I concur on your findings of shutting down services can negate the
| function of the OS. Just be very careful on what you turn off. Never turn off
| Remote Procedure Call (RPC) service. It's the backbone for all the services.
|
| *** Yes... This is a good discussion. :-)**** Bingo That's the ticket !***
|

There are vulnerabilities in Routers.

Wireless Routers have the most propensity for vulnerability exploitation.
However, I steer away from wireless completely and only use/set wired Routers.

Here is a note on a BEFSR41 vulnerability that has long since been fixed.
http://seclists.org/isn/2002/Nov/0007.html

Note that this vulnerability stems from the LAN side, not the WAN side.

Which also proves that mitigation of vulnerability exploitation extends to hardware
appliances as well as the OS and all installed OS software and utilities.

As for true exploitation of a Router, it would have to come from the WAN side. If the Router
is locked down (such as disabling ICMP replies, disabling remote admin, disabling remote
update, etc.) then there is no access point to the Router from the WAN side and it would not
be a target.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
Multi-AV - http://www.pctipp.ch/downloads/dl/35905.asp

