Bugtraq mailing list archives

Re: Leveraging search engines against FrontPage enabled websites

From: mikenel () WAM UMD EDU (Michael Nelson)
Date: Tue, 28 Apr 1998 15:49:33 -0400


On Tue, 28 Apr 1998, David LeBlanc wrote:

2) MMC and a number of the newer admin tools for various NT-ish sorts of
things use DCOM, which runs across 135 UDP, and does NOT depend on 139
being accessible to function.  Also note that DCOM does NOT depend on the
right to log on from the network.  It is definately a smart thing to put
filters in front of the NT box which keep it from accepting packets to 135
(UDP and TCP).  Some of the DCOM utilities have overly broad permissions to
access the thing, but appear to be fairly reasonable about letting you
actually change important items.


DCOM runs across either TCP or UDP. If Win95 is on one end, TCP is always
used. Port 135 is used to bootstrap connections, do activation, and some
other administrative cruft; application communication takes place over a
port in the >1024 range.

See http://www.wam.umd.edu/~mikenel/dcom/dcomfw.htm for the gory details
on this and how you can restrict the range (and force TCP to always be
used on NT). I have a bunch of new things that I need to add to it, and I
will make an announcement here when I do if people are interested.

-mike

Current thread:

Re: Leveraging search engines against FrontPage enabled websites MrJeKKyL (Apr 26)
- Re: Leveraging search engines against FrontPage enabled websites David LeBlanc (Apr 28)
  - Re: Leveraging search engines against FrontPage enabled websites Michael Nelson (Apr 28)
- [Debian 2.0] /usr/bin/suidexec gives root access Thomas Roessler (Apr 28)
  - Re: [Debian 2.0] /usr/bin/suidexec gives root access Russell Coker - mailing lists account (Apr 28)
    - Re: [Debian 2.0] /usr/bin/suidexec gives root access Joey Hess (Apr 28)