Known vulnerabilities in Windows

Post your techical queries on any product in our range of AntiVirus, AntiSpam, Content Security and Firewall Solutions sold under the brand names of eScan, MailScan, eConceal and X-Spam here. Your queries will be responded to by our expert technical team directly.

Moderators: Divesh, Gurdip Singh

Known vulnerabilities in Windows

Postby mln » Sat Nov 22, 2008 10:40 am

Most of the worms, in particular the most famous, use known vulnerabilities in Windows services which are enabled by default and that often can’t be disabled via the OS’s configuration.
Even with these services patched with Microsoft security fixes, they are still exposed to the Internet at large ready to be exploited by the next exploit.

These ports attack the service even before our Escan or Econceal service starts.

It is advisable to close them.

These ports/services on client side are :

* DCOM RPC (listen on port 135) MS03-026
* RPC Locator (port 445) MS03-001, MS04-011
* NetBIOS (ports 137/138/139) MS03-049
* UPNP (port 5000) MS01-059
* Messenger service (uses RPC/NetBIOS ports) MS03-043

An example of server side ports/services :

* WebDAV on IIS server (port 80) MS03-007
* SQL Server 2000 (port 1434) MS02-061

We can close these ports using

http://www.firewallleaktester.com/tools/wwdc.exe
Lakshmi Narayanan
Chennai
mln
 
Posts: 67
Joined: Fri Dec 28, 2007 6:08 pm
Location: Chennai

Return to Technical Support

Who is online

Users browsing this forum: No registered users and 24 guests