lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <Pine.LNX.4.58.0310092318410.856@manetheren>
From: pab at heisec.de (Patrick Brauch)
Subject: [normal] Re: MS RPC remote exploit. What about
 DCOMbobulator?

On Thu, 9 Oct 2003, opticfiber wrote:

> It's come to my attetion that disablinf DCOM in windows is near
> impossible without a regedit.

That's usually not what you want anyways. There are ways to disable
RPC/DCOM completely, but systems might not run as they should anymore. the
list of incompatibilities is long and not worth discussing; if you use
windows server as a productive system (i.e. running webserver or alike)
you generally can't just "deactivate" DCOM to be fine -- it just won't
work.

Anyways, while being here, did anyone succeed in proofing that the k-otik
exploit a) compiles and b) really works universal?

cheers,
-- 
Patrick Brauch                            <pab@...sec.de>
heise security                       http://www.heisec.de
c't Magazin fuer Computertechnik   http://www.heise.de/ct
PGP-Fingerprint: 8366 03AC D702 F2BB  C617 E6BC 1811 950E


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ