| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 44066 | 2004-04-05 23:12:00 | rpcss exe | iron-zeus (3479) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 227479 | 2004-04-05 23:12:00 | I'm running Win Me IE6 I've had this RPCSS.EXE on my computer for as long as i can remember, and it connects through the internet on a regular basis, as i see it through my fire wall, The problem is that now and then my firewall blocks it, and then comes up with this in the log "[181.1] Inbound DCE BIND to potentially vulnerable RPC DCOM interface attempt detected" Can any one shed some light on this, or tell me if i can delete the thing, I end its process most of the time if i see it running, but 5 minutes later its up and running again:( Thank you for any help:) |
iron-zeus (3479) | ||
| 227480 | 2004-04-05 23:20:00 | Read all about it here: cexx.org |
godfather (25) | ||
| 227481 | 2004-04-05 23:30:00 | Read all about it here: cexx.org Thanks godfather, i've already read that one, but it doesn't mention anything about Win ME? Or if it should be getting blocked by my firewall, and if it is getting blocked is what its trying to do bad?? |
iron-zeus (3479) | ||
| 227482 | 2004-04-05 23:43:00 | Read the first paragraph. References to Win 9x = Windows ME |
godfather (25) | ||
| 227483 | 2004-04-06 00:20:00 | I not sure if ME is exploitable through it now (depending on OS & program updates), just in case make a rule in your firewall to block rpc.exe from communicating with the WAN (internet), in or out. Relax the rule if things don't work as they should. Are you on a network? I take it that your security and patches are up to date. Cheers Murray P |
Murray P (44) | ||
| 227484 | 2004-04-06 03:49:00 | Thanks murray i put a block on it, i'll wait and see what happens. Yes my updates are all up to date:) | iron-zeus (3479) | ||
| 1 | |||||