I've been trying to deal with security scans and getting my serverup to
PCI-Compliance standards. One ding that has been an issue from the start has
involvedwhat the scan refers to as dced. The first support tech at the
scanning company didn't know whatit was. I can't find out very much from
I have vague memories of that being an issue with HP buffer overflow, but
it has been years. Google of HP dced says problems on port 135, but
again this is really old.
http://www.securityfocus.com/archive/1/369697
On Mon, Apr 1, 2013 at 10:43 AM, Rick Faircloth r...@whitestonemedia.comwrote:
I've been trying to deal with security scans and getting my serverup to
PCI-Compliance standards. One ding that has been an
issue from the start has involvedwhat the scan refers to as dced. The first
support tech at the scanning company didn't know
what it was. I can't find out very much
but aren't they scanning the interface from a public network? If so,
you should have a very small number of listening ports. Maybe just
two: TCP/80 and TCP/443. There is no reason why you'd expose
TCP/135 to a public network (especially if you're running Windows).
Good advice; in my
4 matches
Mail list logo
