Problems when disabling DCOM

Discussion in 'other security issues & news' started by hieronymous, Jun 27, 2006.

Thread Status:
Not open for further replies.
  1. hieronymous

    hieronymous Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    2
    Hi all,

    I registered here simply to post this dire warning regarding disabling DCOM

    I run a standalone pc, which I never use to connect to the internet (I use my laptop for that)

    I've removed a large swathe of unused and unuseful services from my machine, and as DCOM is (or at least seemed) an unnecessary service under the circumstances, I disabled it, following the instructions on Microsoft's site

    Following that I was unable to use some of the Admin Tools which looked for network components. OK, fair enough I suppose - although some failed to work at all

    However, it got worse

    First VB stopped working entirely, throwing out some generic 'Unknown Error' message and then stopping

    Then, even worse, Access stopped working, with a message that the OLE Server had to be restarted outside Access. (I never did discover how you can do that, or even IF you can do that)

    Well anyway, I re-enabled DCOM, hoping that everything would be magically fixed. But unfortunately I still kept getting those errors

    With a weary feeling of doom I went back to my last restore point, without much hope, as I've not had too much success with it in the past. However, this time it came up trumps, and everything was back to the way it had been before

    At that point I breathed a sigh of relief and decided that I'd tweaked my pc to the extent of my technical competence, and started using it to actually do stuff on again

    So, the moral of the story is: if you're going to disable DCOM, be very very sure that you know exactly what you're doing, and what the consequences may be, and if you're not sure about those - well, then I'd say that it's probably best to keep it on, and plug any security gap it may leave you exposed to, with a good firewall

    H
     
  2. TairikuOkami

    TairikuOkami Registered Member

    Joined:
    Oct 10, 2005
    Posts:
    2,509
    Location:
    Slovakia
    I guess, that you read about disabling DCOM, which is related to the port 135.
    To disabled this DCOM, you can use DCOMbobulator or WWDC, it does the same.

    DCOM Server Process Launcher Service should be allways enabled as well as WMI.
    Although I have them disabled, but I start them, when I need to have them running.
     
  3. hieronymous

    hieronymous Registered Member

    Joined:
    Jun 27, 2006
    Posts:
    2
    well, i've learned my lesson now. i think basically i'd got a bit cocky, because i'd disabled most of the other unnecessary services with no real problem. most sites and forums recommend keeping the dcom server process launcher enabled, but one or two seemed to think it could be disabled, and microsoft, although warning against doing it, give instructions on how it can be done

    i was fortunate in that i'd taken a system restore point before doing it, otherwise i could have been well and truly screwed, and i'd have had nobody to blame but myself...
     
Loading...
Thread Status:
Not open for further replies.