Disabling DCOM on Win2K SP2?

TheMSsForum.com: The Microsoft Software Forum

Microsoft has a workaround for these RPC vulnerabilities which is to disable
DCOM. However, they say that on Win2K you must be on at least SP3...Since
you can disable DCOM on NT4.0, I need to figure out why the SP requirement
on Win2K.

Any help appreciated.

Thanks,

Erik.
Top

Re: Disabling DCOM on Win2K SP2? by Karl

Karl
Tue Sep 16 12:29:30 CDT 2003

There is a FAQ on disabling DCOM at www.ntbugtraq.com I believe it says you
need SP3, and clearly your post indicates that's what Microsoft is saying as
well, so believe them.


"Erik Zakoske" <erik.zakoske@cardinal.com> wrote in message
news:%239U3WaHfDHA.616@TK2MSFTNGP11.phx.gbl...
> Microsoft has a workaround for these RPC vulnerabilities which is to
disable
> DCOM. However, they say that on Win2K you must be on at least SP3...Since
> you can disable DCOM on NT4.0, I need to figure out why the SP requirement
> on Win2K.
>
> Any help appreciated.
>
> Thanks,
>
> Erik.
>
>


Top

Re: Disabling DCOM on Win2K SP2? by Erik

Erik
Tue Sep 16 12:54:04 CDT 2003

Not that I doubt the accuracy of a Microsoft statement....but I'm really
looking for the rationale behind the statement as opposed to the blind faith
that I should do what they say.
"Karl Levinson [x y] mvp" <levinson_k@despammed.com> wrote in message
news:eO4SweHfDHA.2152@tk2msftngp13.phx.gbl...
> There is a FAQ on disabling DCOM at www.ntbugtraq.com I believe it says
you
> need SP3, and clearly your post indicates that's what Microsoft is saying
as
> well, so believe them.
>
>
> "Erik Zakoske" <erik.zakoske@cardinal.com> wrote in message
> news:%239U3WaHfDHA.616@TK2MSFTNGP11.phx.gbl...
> > Microsoft has a workaround for these RPC vulnerabilities which is to
> disable
> > DCOM. However, they say that on Win2K you must be on at least
SP3...Since
> > you can disable DCOM on NT4.0, I need to figure out why the SP
requirement
> > on Win2K.
> >
> > Any help appreciated.
> >
> > Thanks,
> >
> > Erik.
> >
> >
>
>


Top

Re: Disabling DCOM on Win2K SP2? by rob

rob
Tue Sep 16 13:38:01 CDT 2003

Why don't you check Steve Gibson's stuff on DCOM out.. I
know "dcombobulator" sounds hokey, but this guy knows what
he's doing...

http://grc.com/dcom/


>-----Original Message-----
>Not that I doubt the accuracy of a Microsoft
statement....but I'm really
>looking for the rationale behind the statement as opposed
to the blind faith
>that I should do what they say.
>"Karl Levinson [x y] mvp" <levinson_k@despammed.com>
wrote in message
>news:eO4SweHfDHA.2152@tk2msftngp13.phx.gbl...
>> There is a FAQ on disabling DCOM at www.ntbugtraq.com
I believe it says
>you
>> need SP3, and clearly your post indicates that's what
Microsoft is saying
>as
>> well, so believe them.
>>
>>
>> "Erik Zakoske" <erik.zakoske@cardinal.com> wrote in
message
>> news:%239U3WaHfDHA.616@TK2MSFTNGP11.phx.gbl...
>> > Microsoft has a workaround for these RPC
vulnerabilities which is to
>> disable
>> > DCOM. However, they say that on Win2K you must be on
at least
>SP3...Since
>> > you can disable DCOM on NT4.0, I need to figure out
why the SP
>requirement
>> > on Win2K.
>> >
>> > Any help appreciated.
>> >
>> > Thanks,
>> >
>> > Erik.
>> >
>> >
>>
>>
>
>
>.
>
Top

Re: Disabling DCOM on Win2K SP2? by Bill

Bill
Tue Sep 16 17:30:02 CDT 2003

"Erik Zakoske" <erik.zakoske@cardinal.com> wrote in message
news:eUeSGuHfDHA.1088@TK2MSFTNGP10.phx.gbl...
> Not that I doubt the accuracy of a Microsoft statement....but I'm really
> looking for the rationale behind the statement as opposed to the blind
faith
> that I should do what they say.

Here's a link to the FAQ:

http://ntbugtraq.ntadvice.com/default.asp?sid=1&pid=47&aid=77

It has a reasonably clear explanation of the issue.


Top

Re: Disabling DCOM on Win2K SP2? by Erik

Erik
Tue Sep 16 18:13:29 CDT 2003

Perfect. Thank you for that info.


"Bill Sanderson" <Bill_Sanderson@msn.com.plugh.org> wrote in message
news:e1aJXIKfDHA.128@tk2msftngp13.phx.gbl...
> "Erik Zakoske" <erik.zakoske@cardinal.com> wrote in message
> news:eUeSGuHfDHA.1088@TK2MSFTNGP10.phx.gbl...
> > Not that I doubt the accuracy of a Microsoft statement....but I'm really
> > looking for the rationale behind the statement as opposed to the blind
> faith
> > that I should do what they say.
>
> Here's a link to the FAQ:
>
> http://ntbugtraq.ntadvice.com/default.asp?sid=1&pid=47&aid=77
>
> It has a reasonably clear explanation of the issue.
>
>


Top