MS realise that they are about to be firewalled by every ISP that cares about its client base, and are now stating that you shouldn't have been using their product on a public network in the first place. I don't remember hearing this before, though, and if they knew this why isn't ICF enabled as default as part of their internet connection wizardry?
Hindsight is always 20/20.

--harq

----- Original Message -----
From: "Joey" <[EMAIL PROTECTED]>
To: <[EMAIL PROTECTED]>
Sent: Monday, August 11, 2003 7:31 PM
Subject: Re: [Full-Disclosure] Cox is blocking port 135 - off topic

> Microsoft says - "To exploit this vulnerability, the attacker must be able to send a specially crafted request to port 135, port 139, port 445, or any other specifically configured RPC port on the remote computer. For intranet environments, these ports are typically accessible, but for Internet-connected computers, these ports are typically blocked by a firewall."
>
> But since those are different services (SMB, DCOM, NetBIOS), wouldn't you need to send an entirely different packet? It sounds impossible to use the same exploit on multiple protocols.
>
> Port 80 is not an attack vector -
> "RPC over UDP or TCP is not intended to be used in hostile environments, such as the Internet. More robust protocols, such as RPC over HTTP, are provided for hostile environments."
> http://support.microsoft.com/?kbid=823980
>
> Microsoft is saying RPC over UDP or TCP shouldn't be used on the internet and you need a firewall to block the ports anyway. I guess they aren't keeping their new promise for security seriously.
>
> --- [EMAIL PROTECTED] wrote:
> > hi list,
> >
> > i tried all different DCOM RPC sploit's i could find (from the very beginning till the newest versions).
> > i couldn't find any successfully working on other ports than 135.

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
