hmmmmmmmmmmm when I search for DCOM in the plugin section on nessus.org, I only found 11798. it most be because I searched by plugin name.
http://www.nessus.org/plugins/index.php?view=search Thank you Nicolas, I'll add those two plugin ids to my lisf. DCOM allows applications to be distributed across locations, the application create program ids that can have the default launch and access permissons. A user account is added as authentication credentials to granted permission to access/launch the component. When the user credentials (as a example a service account) are add they can recieve the default access and launch permissions. Alot of time they don't need the default permissions. DCOMCNFG is the tool that comes with Windows that allows you to configure the DCOM settings of a COM application. The application can be listed as a Name or by a program ID and its rather painful to manual check each. Other scanners I've used will report on what user has what level of access and/or launch permission for a COM object. When I run an Administrative scan using Nessus, i've never see it report on this setting and so far i've been unable to find a plugin that does. I was thinking of writting a plugin to check the access and launch permission for COM objects. but didn't want to re-invent the wheel and thought I would ask to see if anyone else has. Take Care and Have Fun --John reference https://www.microsoft.co.ke/technet/scriptcenter/scripts/os/com/default.mspx http://consumer.installshield.com/kb.asp?id=Q108324 -------------- Original message ---------------------- From: Nicolas Pouvesle <[EMAIL PROTECTED]> > On Fri, 2006-02-24 at 18:29 +0000, [EMAIL PROTECTED] wrote: > > Is this the only plugin for DCOM > > > > ID > > Name > > Family > > 11798 > > RPC DCOM Interface DoS > > Denial of Service > > > > There are 2 other plugins : > > 11808 > 11835 > > > Has anyone written a plugin that will check for the default dcom > > launch and access permissions? > > > > What do you mean by "default dcom launch" ? > > > Nicolas > > _______________________________________________ > Nessus mailing list > [email protected] > http://mail.nessus.org/mailman/listinfo/nessus _______________________________________________ Nessus mailing list [email protected] http://mail.nessus.org/mailman/listinfo/nessus
