| Forum Home | ||||
| Press F1 | ||||
| Thread ID: 37351 | 2003-09-04 22:21:00 | DCOMbobulator - Security Tool | Babe Ruth (416) | Press F1 |
| Post ID | Timestamp | Content | User | ||
| 173069 | 2003-09-04 22:21:00 | In light of the recent Blaster debacle I thought you all might be interested in the following tool. Cheers, Babe. ========== From Fred Langas’ “The LangaList” comes the following about DCOMbobulator New Free Security Tool, Port Scans Steve Gibson,GRC.com ( http://grc.com/) who many of you know as the creator of the free and excellent "ShieldsUp" security testing service, wrote this week: Hi Fred, I wanted to let you know, so that you could tell your readers if you think it's worthy, that I have just (early this morning) released my latest freeware: The DCOMbobulator (grc.com) The DCOMbobulator does two things: * It allows any Windows user to easily test and verify that their Windows' DCOM system *has* been correctly patched to eliminate the serious remote exploit vulnerability which recently brought us all of the MSBlast Internet worm excitement. We have confirmed reports that Microsoft's patch sometimes does not "take", leaving Windows still vulnerable. The DCOMbobulator let's anyone check any local Windows system. * Secondly, and really most importantly, since virtually NO ONE needs (or has ever needed) to have DCOM running, the DCOMbobulator allows any Windows user to safely and easily disable DCOM and unbind it from port 135. I do a comprehensive job of this on ALL versions of Windows, so that if the Windows Task Scheduler and the "Distributed Transaction Coordinator" (MSDTC) services -- which both also use port 135 -- are also disabled, Windows TCP port 135 will finally be closed. ) And by the way, have you SEEN what I've done with/to ShieldsUP!? It's really not a "junior" security testing facility anymore. <<grin>> All the best, Steve Gibson Like Steve's other offerings, the DCOMbobulator is tiny, fast, free, and efficient: It downloads in a flash, and does just what Steve says (above). Plus, it explains what it's doing, and why; and offers an ultra-easy way to reverse the changes, if you should ever need or want to. Nice! And indeed, ShieldsUp! has been expanded and improved considerably, and now also includes a "Port Authority" online database. It can tell you not only what various ports are legitimately used for, but also what known worms, trojans, and such may try to exploit them. You can browse the port database online, or access it directly from your system by creating a URL in the form grc.com where you replace "NUM" with the actual port number you're interested in. For example, if you want to learn about Port 80, you'd type grc.com , and that URL leads you to the page that discusses port 80. It's simple, and it works for any of your PC's 65,535 ports. ShieldsUp also provides a very convenient connection between its reports pages and the database, so you can immediately and easily learn about any ports that ShieldsUp flags as potential trouble spots. The GRC Freeware site is at grc.com ( [url) Freeware [/url] |
Babe Ruth (416) | ||
| 173070 | 2003-09-04 22:27:00 | Thanks Babe Ruth, I'll bookmark that for the Gateway PC... Sadly though the blaster had no effect in my world, as I dont natively run .EXE files ;-) That's very interesting! I really s'pose I should install a firewall and spend a bit of time configuring it... It is becoming a must in today's computing society! |
Chilling_Silently (228) | ||
| 1 | |||||