Full Disclosure mailing list archives
Re: DCOM RPC exploit (dcom.c)
From: Nick FitzGerald <nick () virus-l demon co uk>
Date: Mon, 28 Jul 2003 16:55:51 +1200
Etaoin Shrdlu <shrdlu () deaddrop org> wrote:
There've been a lot of moronic statements made in this thread, true enough,
No there's a surprise... 8-)
but I've actually learned a couple of things here. It's been mostly interesting, strange though that may seem, including (I think it was Nick's) a reference to a site on locking down windows that I hadn't seen before. I dunno.
This one?? Minimizing Windows network services by Jean-Baptiste Marchand http://www.hsc.fr/ressources/breves/min_srv_res_win.en.html.en It is an excellent page for explaining stuff you will not (or at least that I had previously not been able to) find in the MS KnowledgeBase. Also, if you've read that page in the past, please note that it gets updated from time to time but its author seems to neglect updating the date near the top of the page. Despite that date currently reading "(02/09/2002)", and regardless of whether that is a US or "proper" format date, it is quite clearly outdated, as much further down the page you can read: Microsoft released on 4/16/2003 a new version of the rpccfg tool, that can list network interface indexes and configure interfaces restriction. This tool is available at http://download.microsoft.com/ (search keyword: rpccfg). So, if you find this page at all useful or interesting, revisit it occasionally (or add its URL to your favourite page-change alerting service, etc...).
It's a lot more interesting that having some fool complain about Mr. XSS (aka morning wood), and then quote the WHOLE damned post, so that those of us who have him quietly killfiled still get smacked with his sophomoric dribblings. ...
Surely you can't be serious... You don't hang in F-D for Mr XSS's every word? 8-) Regards, Nick FitzGerald _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Re: DCOM RPC exploit (dcom.c), (continued)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Ron DuFresne (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Nathan Seven (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 27)
- Re: DCOM RPC exploit (dcom.c) KF (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Valdis . Kletnieks (Jul 26)
- Re: DCOM RPC exploit (dcom.c) manohar singh (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Etaoin Shrdlu (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Jean-Baptiste Marchand (Jul 29)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 29)
- Re: DCOM RPC exploit (dcom.c) gregh (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Nick FitzGerald (Jul 26)
- RE : DCOM RPC exploit (dcom.c) Nicolas Villatte (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Jason (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Chris Paget (Jul 26)
- Re: DCOM RPC exploit (dcom.c) Jason (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Paul Schmehl (Jul 27)
- Re: DCOM RPC exploit (dcom.c) Jason (Jul 27)