static_geek Posted September 13, 2003 Share Posted September 13, 2003 DCOMbobulator Link to comment Share on other sites More sharing options...
MxxCon Posted September 13, 2003 Share Posted September 13, 2003 do you really want to trust GRC to secure your system? :no: Link to comment Share on other sites More sharing options...
jwjw1 Posted September 13, 2003 Share Posted September 13, 2003 that grc dcom is bunk...i ran it..said i was ok....then i went and got the newer dcom update from MS..installed it....grc said i was vulunbalbe..then i ran the RetinaRPCDCOM scan on my network...it shows all the OS's on the subnet and if they are patched or either 98/ME (not vulnerable) and it said then I was patched....ran a dcom hack from a website...and it didn't fly...so Steve Gibson is full of it..with his Micky Mouse dcom. Link to comment Share on other sites More sharing options...
static_geek Posted September 13, 2003 Author Share Posted September 13, 2003 Noooooway Mxx......I was simply pointing this out to folks' for opinions..... Link to comment Share on other sites More sharing options...
Samoa Posted September 14, 2003 Share Posted September 14, 2003 someone please provide the link to MS fix instead.... Link to comment Share on other sites More sharing options...
John Veteran Posted September 14, 2003 Veteran Share Posted September 14, 2003 http://www.microsoft.com/technet/treeview/...in/MS03-039.asp btw, steve gibson is an idiot. Link to comment Share on other sites More sharing options...
Samoa Posted September 14, 2003 Share Posted September 14, 2003 http://www.microsoft.com/technet/treeview/...in/MS03-039.aspbtw, steve gibson is an idiot. Thanks, instead of calling a Gibson an idiot. Providing a correct link is way more helpful... :D Link to comment Share on other sites More sharing options...
mAcOdIn Veteran Posted September 14, 2003 Veteran Share Posted September 14, 2003 Gibson is an idiot because his unplug and pray thing shut of the wrong service to begin with. The original flaw was in the SDDP deiscovery service. My guess is he just saw all the publicity it was getting as a UPNP flaw so he made unplugandpray without even verifying that it fixes the flaw(which it doesn't) Furthermore though the strength behind his words has forever seared into people's minds that it was UPNP which was flawed. I don't think you'll find very many people who know it wasn't UPNP but the SDDP service because Gibson does nothing but spread FUD. Next up is this Dcom crap. While at least he's turning off the right stuff this time, why doesn't he educate users instead? Turning it off is a 30 second process no need to make a program for it. Leaktest. Where do I start with his leaktest. The whole thing is flawed from the start. Raw sockets that XP uses where supposed to end the internet. Read his sites DDOS page where he describes how his site was brought off the net. It reads like an action movie. Steve Gibson should be a writer, not a *security consultant*, which by the way are his own words since he hasn't consulted or found a flaw for any company as far back as I can remember. Maybe I should just call myself a security consultant and spread false info, would that make me smart? Link to comment Share on other sites More sharing options...
John Veteran Posted September 14, 2003 Veteran Share Posted September 14, 2003 Steve Gibson should be a writer, not a *security consultant*, which by the way are his own words since he hasn't consulted or found a flaw for any company as far back as I can remember.Maybe I should just call myself a security consultant and spread false info, would that make me smart? no, but it would get you a hoard of mindless followers :laugh: Link to comment Share on other sites More sharing options...
Recommended Posts