[Dshield] DCOM VPN Question

Jon R. Kibler Jon.Kibler at aset.com
Wed Aug 13 18:54:36 GMT 2003


I just had an interesting conversation with a network security person that was having problems blocking the ports used by the DCOM worm. They indicated that they had tried to block 135/TCP on their border router, but clients running Microsoft VPN started complaining because they could not connect. 

It appears that Microsoft VPN uses 135/TCP for RPC services used to establish a VPN connections. Is anyone familiar with this issue? What if anything is the solution to this problem? It is my understanding that these clients have no choice but to use Microsoft VPN.

Feedback (other than slamming Microsoft!) please!

Jon R. Kibler
A.S.E.T., Inc.
Charleston, SC  USA
(843) 849-8214

More information about the list mailing list