Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.
Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.




Network Security Nessus-Users
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: DCOM Plugin Question

from [Nicolas Pouvesle] Network Security [Permanent Link]
Subject: Re: DCOM Plugin Question
Date: Mon, 27 Feb 2006 08:59:59 -0500 
On Sat, 2006-02-25 at 17:06 +0000, jfvanmeter@comcast.net wrote:


DCOM allows applications to be distributed across locations, the application 
create program ids that can have the default launch and access permissons. 

A user account is added as authentication credentials to  granted permission 
to access/launch the component.  When the user credentials (as a example a 
service account) are add they can recieve the default access and launch 
permissions. Alot of time they don't need the default permissions. 

DCOMCNFG is the tool that comes with Windows that allows you to configure the 
DCOM settings of a COM application.  The application can be listed as a Name 
or by a program ID and its rather painful to manual check each.



Thanks for the information. I will try to look at that later and see
what I can do.



Other scanners I've used will report  on what user has what level of access 
and/or  launch permission for a COM object.  When I run an Administrative 
scan using Nessus, i've never see it report on this setting and so far i've 
been unable to find a plugin that does. 

I was thinking of  writting a plugin to check the access and launch 
permission  for COM objects. but didn't want to re-invent the wheel and 
thought I would ask to see if anyone else 
has.



I really don't think you want to do that. It is easy to use the DCOM
protocol with the Windows API but it is much more complex to do that
with Nessus ;-)


Nicolas

_______________________________________________
Nessus mailing list
Nessus@list.nessus.org
http://mail.nessus.org/mailman/listinfo/nessus
[More with this subject...]




<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Problems with the registration site for the plugins update., Pidgeon
Next by Date:  Re: Problems with the registration site for the plugins update., George A. Theall
Previous by Thread:  Re: DCOM Plugin Question, jfvanmeter
Next by Thread:  Re: DCOM Plugin Question, jfvanmeter
Indexes:  [Date] [Thread] [Top] [All Lists]