amdphr3@kXP Posted August 12, 2003 Share Posted August 12, 2003 A word of warning to anyone relying on the microsoft hotfixes for the RPC vulnerability, I know of a few ppl that run a webserver off their net connections, and have the hotfixes installed. They were targeted by attackers using the RPC exploits, and the attackers were still able to compromise their systems using these exploits, even though the hotfixes were installed. My advice would be to either disable the RPC service, or block all incoming Remote Proceedure Calls on all ports, both TCP and UDP using a decent firewall. This will stop any RPC's from reaching your system, and effectively allowing a hacker to compromise your system. Link to comment Share on other sites More sharing options...
DaveXP Posted August 12, 2003 Share Posted August 12, 2003 Someone else who has the patch and it dont work. Link to comment Share on other sites More sharing options...
Sphynx Posted August 13, 2003 Share Posted August 13, 2003 A hint that a lot of people don't know :If you get that screen, saying "Windows will reboot in ..:.."Press Start, Run and type shutdown /aThen you can download the patch, without the reboots And install a good firewall people... I don't understand why there are still so many people with port 135 open ... Link to comment Share on other sites More sharing options...
Mpak Posted August 13, 2003 Share Posted August 13, 2003 I'm gonna shopping somewhere and i wonder why others don't get guns and body armour with them, like i do? Aren't they afraid of robbers or something? Link to comment Share on other sites More sharing options...
R600 Posted August 13, 2003 Share Posted August 13, 2003 I can't remember where I posted this message, but does anyone know what the RPC is actually used for? Link to comment Share on other sites More sharing options...
Aaron Posted August 13, 2003 Share Posted August 13, 2003 http://www.cexx.org/rpc.htmDon't follow anybody's advice about deleting/disabling this service, its not recommended. Link to comment Share on other sites More sharing options...
gamehead200 Posted August 13, 2003 Share Posted August 13, 2003 If Doggie sees this message:Can't a program be made to do this automatically? Link to comment Share on other sites More sharing options...
DaveXP Posted August 13, 2003 Share Posted August 13, 2003 If Doggie sees this message:Can't a program be made to do this automatically? do wat...... Link to comment Share on other sites More sharing options...
rotjong Posted August 13, 2003 Share Posted August 13, 2003 A hint that a lot of people don't know :If you get that screen, saying "Windows will reboot in ..:.."Press Start, Run and type shutdown /aNot to step on your toes but it's "shutdown -a" not "shutdown /a".I had this patch installed when it first was released but sadly it seems 99% of people did not and I've spent the last 3 days helping friends out with it. Link to comment Share on other sites More sharing options...
jayroller Posted August 13, 2003 Share Posted August 13, 2003 hmm, and MS expect us to trust AntiVirus solutions they've had a hand in...... doesn't bode well if you ask me if they can't even patch their own flaws successfully. i think the 16th will be a Linux day for me... Link to comment Share on other sites More sharing options...
DaveXP Posted August 13, 2003 Share Posted August 13, 2003 hmm, and MS expect us to trust AntiVirus solutions they've had a hand in...... doesn't bode well if you ask me if they can't even patch their own flaws successfully. i think the 16th will be a Linux day for me... why wats happening on the 16th may i ask Link to comment Share on other sites More sharing options...
Aaron Posted August 13, 2003 Share Posted August 13, 2003 Not to step on your toes but it's "shutdown -a" not "shutdown /a".I had this patch installed when it first was released but sadly it seems 99% of people did not and I've spent the last 3 days helping friends out with it.It varies across Operating Systems. On XP its "-a", on Windows Server 2003 its "/a", and in Windows 2000 shutdown.exe doesn't exist. Link to comment Share on other sites More sharing options...
Aaron Posted August 13, 2003 Share Posted August 13, 2003 why wats happening on the 16th may i askA mass Denial of Service attack on WindowsUpdate from users infected with the MSBlaster worm. In fact this attack has already started due to some users' system clocks being ahead of time, and WU is showing signs of slowness.This attack will prevent other users from downloading the RPC flaw fix. Link to comment Share on other sites More sharing options...
DaveXP Posted August 13, 2003 Share Posted August 13, 2003 i see Link to comment Share on other sites More sharing options...
darkkavenger Posted August 13, 2003 Share Posted August 13, 2003 How funny, my home Pc was attacked but i was able to fix it in like five seconds ;-) Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now