Vulnerability Development mailing list archives
Re: SUMMARY: SMB overflow attacks
From: "Aditya" <adityald2 () gmx net>
Date: Sat, 31 Aug 2002 13:47:43 +0530
sorry about the mistake about the DCOM - the good thing is already you have disabled that for 1025 - you have to disable the schduler service "mstask.exe" for 1027 its dcom -aditya ----- Original Message ----- From: "Jason Coombs" <jasonc () science org> To: "Aditya" <adityald2 () gmx net>; <vuln-dev () security-focus com> Sent: Saturday, August 31, 2002 8:33 AM Subject: RE: SUMMARY: SMB overflow attacks
DCOM is already disabled and all transports are removed from the list in DCOMCNFG.EXE. System still binds to 1025 TCP. Are you sure this is all you did to stop this port binding on your box? Thanks. Jason Coombs jasonc () science org -----Original Message----- From: Aditya [mailto:adityald2 () gmx net] Sent: Friday, August 30, 2002 5:47 AM To: jasonc () science org; vuln-dev () security-focus com Subject: Re: SUMMARY: SMB overflow attacks the 1025 port is bound because the machine in win2k which has com enabled
by
default disable com and this will vanish aditya ----- Original Message ----- From: "Jason Coombs" <jasonc () science org> To: <vuln-dev () security-focus com> Sent: Friday, August 30, 2002 5:10 AM Subject: RE: SUMMARY: SMB overflow attacksHowever, port 1025 is still being bound by SYSTEM ... I have no idea
why.
Current thread:
- Re: SUMMARY: SMB overflow attacks Aditya (Aug 31)
- RE: SUMMARY: SMB overflow attacks Jason Coombs (Aug 31)
- Re: SUMMARY: SMB overflow attacks Aditya (Aug 31)
- RE: SUMMARY: SMB overflow attacks Jason Coombs (Aug 31)
- RE: SUMMARY: SMB overflow attacks Thierry De Leeuw (Sep 02)
- Re: SUMMARY: SMB overflow attacks Aditya (Aug 31)
- RE: SUMMARY: SMB overflow attacks Jason Coombs (Aug 31)
- <Possible follow-ups>
- Re: SUMMARY: SMB overflow attacks Cade Cairns (Aug 31)