Aug 31
In our Introduction to PC Security course, one of our students reported that their computer ports are all stealth except 1030 and 1031 - which are showing open in GRC’s ShieldsUP test. (Hi Steve!)
Steve actually covers this issue on this page: Port Authority for Internet Port 1030. Which states this (and other) ports are used by Microsoft (M$) DCOM service.
However, this explanation doesn’t go deep enough. (Sorry Steve!) DCOM and RPC uses this port as well as 1031 and beyond. In fact, the DCOM RPC Vulnerability utilizes the 1031 port and beyond!
If you are curious or interested in investigating this further, I recommend this excellent paper called: Analysis of the Microsoft Windows DCOM RPC Exploit by Packetwatch.net.
Debbie
Recent Comments