Thread: Does the RPC Attack affect Win 98?
View Single Post
  #2  
Old October 25th 08, 04:12 PM posted to microsoft.public.win98.gen_discussion
98 Guy
External Usenet User
  
Posts: 2,951
Default Does the RPC Attack affect Win 98?
smith wrote:

Does the RPC attack affect Win 98?

M$ Security Bulletin:
http://www.microsoft.com/technet/sec.../MS08-067.mspx

I would bet that the problem (which required a very rare emergency
update a couple of days ago for NT-based systems) is with the "server"
service, possibly performed by the file rpcss.exe. I would bet that
win-9x is not vulnerable to the exploit being addresses in that
bulletin.

Furthermore, isin't Dcom related to (or required to be installed /
running) for RPC to function on win-9x?

If you're connected to the internet via a NAT-router, then you won't see
any port 135 connection attempts anyways.

---------------
http://technet.microsoft.com/en-us/l.../cc750828.aspx

RPC Port Closures

Many services by default are listening on network interfaces, including
the local loopback interface. For example, the Microsoft remote
procedure call (RPC) port mapper listens on TCP/135, UDP/135, TCP/1027,
and TCP/1028. Three of these services — the RPC client, RPC server, and
RPC end-point mapper — can be configured to close all open ports.
However, these changes must be carefully tested because they can break
functionality, not only with remote hosts, but also between local
services.

Microsoft Exchange and Microsoft SQL Server™ are the most commonly
deployed applications that require RPC. Additionally, RPC calls are used
during remote management of servers. The common built-in utilities that
are dependent on RPC services a

DHCP Manager
DNS Administrator
WINS Manager
Performance Monitor
Event Viewer
Registry Editor
Server Manager
User Manager
----------------