Articles

Metasploit Framework Windows Tutorial
Remote Desktop Connection
Windows Processes That May Be Dangerous
How-To use NetCat a Tutorial
Common Linux Commands
Common Ports
Netcat Commands
HTTP Response Codes
War-Google Hack Terms
Wardriving
Avoiding Social Engineering and Phishing Attacks
Intrusion Detection on Linux
Linux Intrusion Detection
Penetration Testing Guide
Penetration Testing Tools
Social Engineering Fundamentals, Part I: Hacker Tactics
Social engineering (computer security)
The Psychology of Social Engineering

The Archives

General GSO
GovernmentSecurity.org News & Suggestions
In The News
Open Topic
General Security Information
Trash Can
Exploit & Vulnerability Mailing List Archives
Trial Member Forum
Product and Program Reviews GSO Tutorials
System Security
Windows Systems
Beginners Section
Linux & Unix Systems
File Downloads
Exploit Research & Discussion Trojan & Virus Errata
Networking Security / Firewall / IDS / VPN / Routers
System Hardening
E-Mail Security
Wifi Security
Trial Member Uploads
Upload discovered Trojans & Mal ware
GSO Programming Section
C , C++ , VC++
Visual Basic.NET
Perl /CGI
Java/Javascript
PHP/XML/ASP/HTML
Assembly + Other
The Cork Board
Network Security Consultant Directory
Network Security Jobs
The Archives
Encryption Information
General Network Security
Internet Anonymity
HTTP Protocol Security
Linux Security
MS IIS Information
Exploit Articles
Programming / Tool Design
GSO Software Projects
Public Downloads
Microsoft Security Questions and Papers
Help - Search - Member List - Calendar
GovernmentSecurity.org > System Security > System Hardening
=k3Rn=
Oct 16 2003, 02:43 AM
Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Ole]
"EnableDCOM"="N"

can you secure a system by using this reg-key do that dcom service isnt started at all?

thx for any replies!
noam
Oct 16 2003, 04:58 AM
as far as i know, it works perfectly!
it disables dcom, so both dcom1/2 are "patched" smile.gif
virus
Oct 16 2003, 06:57 AM
already discussed at the forum .....
but I'll let this one stay as its a separate thread and is helpful for protecting against DCOM exploits wink.gif
thatsmej
Oct 16 2003, 07:35 AM
QUOTE (noam @ Oct 16 2003, 04:58 AM)
as far as i know, it works perfectly!
it disables dcom, so both dcom1/2 are "patched" smile.gif

i tried it local..
and was still able to get my self a shell on rpc1...

microsoft says it should work...
but on my win2k sp3 it didnt...
hermel
Oct 16 2003, 11:48 AM
It works first after a restart
=k3Rn=
Oct 17 2003, 12:22 AM
ok, one restart. but then it should be fixed - right?
0xc0000005
Oct 17 2003, 09:19 AM
i remember that shit is a little bit old to change the reg key from Y (=YES) to "N" (=NO)

but @ Linux regedit this entry doesn't exist, or?!
hermel
Oct 17 2003, 09:45 AM
@ =k3Rn=
Yes wink.gif

@ 0xc0000005
No it works only on WIN

dozolax
Dec 20 2003, 03:33 AM
good post
ST.
Jan 19 2004, 11:01 PM
if i'll disable it, what i'll lose?
system stability will be ok?
virus
Jan 20 2004, 03:44 PM
I disabled it on my system and works fine. Basically depends on the applications that you are using. Maybe you have an app that uses DCOM ..... so it depends
Dinos
Jan 20 2004, 04:07 PM
Greetings,
My first post in the board... There is no problem disabling the key, unless you are one of the following: a) a user working with shared contacts in a ms exchange server enviroment cool.gif a user working with very specific web base programs.

Regards,
Dinos
TaScam
Feb 2 2004, 03:38 PM
only the restart sad.gif . But is beter then be rehacked. So nice solution smile.gif
thx M8
vnet576
Feb 2 2004, 04:09 PM
QUOTE (TaScam @ Feb 2 2004, 10:38 AM)
But is beter then be rehacked.

So u are already hacked?

laugh.gif
forza
Feb 16 2004, 07:43 PM
or just this tool
http://grc.com/dcom/ :-)
esorone
Feb 24 2004, 07:53 PM
Thx for this post,

Find it very usefull
cecrex
Feb 26 2004, 11:15 PM
installing the patch is the easiest and the best way..
TwitcH
Mar 14 2004, 12:46 PM
i agree with cetrex, just keep up to date with the windows updates you should be fine smile.gif
MaNiAx
Jul 22 2004, 06:55 AM
nice tool forza, helps everyone on my network stay clean and put smile.gif
This is a "lo-fi" version of our main content. To view the full version with more information, formatting and images, please click here.
Invision Power Board © 2001-2005 Invision Power Services, Inc.