Full Disclosure mailing list archives
RE: DCOM Exploit MS03-026 attack vectors
From: "Bryan K. Watson" <bwatson () nettracers com>
Date: Fri, 1 Aug 2003 10:29:46 -0700 (PDT)
Because 9 times out of 10 port 135 is blocked by some sort of firewall, whilst port 80 is not blocked on a web server.
Not telecommuters on dial-up IP's and Blue-Toothed into the net thru their Ericsson phones, and surfing from the airport and WIFI cafes of the world. Most Sysadmins are still oblivious to the need for desktop/personal firewalls like Zone Alarm and McAfee. Dial up IP address pools are THE attack vector to watch out for, since a crack there will crack the private networks of the world, either thru VPN, or when the user walks back into the office and plugs in the wormed system. Spend hundreds of thousands on firewalling, millions in man hours on security, then let unprotected laptops in and out of your network, and allow uncontrolled home computers to VPN....what a waste. You don't need high bandwidth for the initial spread....just a good vector. People need to think about this threat differently...I'm sure that the crackers and espionage folks already have. -Bryan _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- DCOM Exploit MS03-026 attack vectors Paul Tinsley (Jul 31)
- Re: DCOM Exploit MS03-026 attack vectors Nick FitzGerald (Aug 01)
- <Possible follow-ups>
- RE: DCOM Exploit MS03-026 attack vectors Brad Bemis (Jul 31)
- RE: DCOM Exploit MS03-026 attack vectors Paul Tinsley (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Jasper Blackwell (Jul 31)
- Re: RE: DCOM Exploit MS03-026 attack vectors Richard Spiers (Aug 01)
- Re: RE: DCOM Exploit MS03-026 attack vectors Geoincidents (Aug 02)
- Re: RE: DCOM Exploit MS03-026 attack vectors Richard Spiers (Aug 01)
- RE: RE: DCOM Exploit MS03-026 attack vectors Parker, Jeff (MSE) (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Bassett, Mark (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Bryan K. Watson (Aug 01)
- Re: DCOM Exploit MS03-026 attack vectors Jeremiah Cornelius (Aug 01)
- Re: DCOM Exploit MS03-026 attack vectors Ron DuFresne (Aug 02)
- RE: DCOM Exploit MS03-026 attack vectors Bryan K. Watson (Aug 01)
- RE: DCOM Exploit MS03-026 attack vectors Nick FitzGerald (Aug 02)