Solved

Disabling DCOM in an A.D. domain

Posted on 2014-01-09
3
985 Views
Last Modified: 2014-01-11
During a recent internal security audit, our Qualys scanner flagged a Sev3 vuln on our servers. It is a generic vuln for DCOM being enabled (QID 90042)

It suggested disabling DCOM which seems easy enough to do. My question is whether or not there may be adverse effects in an A.D. domain.

http://technet.microsoft.com/en-us/library/cc771387.aspx
0
Comment
Question by:Schuyler Dorsey
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 
LVL 53

Accepted Solution

by:
Will Szymkowski earned 500 total points
ID: 39771484
It is probably not a good idea to "disable" this, depending on the applicaitons you are running in your environment. Some applicaitons require this and disabling it can/will break it. Are you sure that this Qualys was not generating a false positive? Usually when there are security holes with com or dcom there are security patches released to correct the vulnerability.

Take a look at the below link for detail description of dcom and it's exact function. From there you can make the decision if you want to disable this in your environment.

DCOM - http://technet.microsoft.com/en-us/library/cc958799.aspx

Will.
0
 
LVL 25

Expert Comment

by:Coralon
ID: 39772942
There are a large number of applications and services that depend on DCOM.  I can't imagine a scenario where disabling DCOM wouldn't cause a problem?

I'd be looking enabling the firewalls and opening up DCOM as needed as an alternative.

Coralon
0
 
LVL 20

Expert Comment

by:compdigit44
ID: 39774016
With any security scan you have to weight the results in proportion to your organization. For example security requirements for a Hospital would differ from that of a Research College. There is no one shoe fits!!!!
0

Featured Post

Forrester Webinar: xMatters Delivers 261% ROI

Guest speaker Dean Davison, Forrester Principal Consultant, explains how a Fortune 500 communication company using xMatters found these results: Achieved a 261% ROI, Experienced $753,280 in net present value benefits over 3 years and Reduced MTTR by 91% for tier 1 incidents.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Issue: One Windows 2008 R2 64bit server on the network unable to connect to a buffalo Device (Linkstation) with firmware version 1.56. There are a total of four servers on the network this being one of them. Troubleshooting Steps: Connect via h…
Always backup Domain, SYSVOL etc.using processes according to Microsoft Best Practices. This is meant as a disaster recovery process for small environments that did not implement backup processes and did not run a secondary domain controller that ne…
This Micro Tutorial hows how you can integrate  Mac OSX to a Windows Active Directory Domain. Apple has made it easy to allow users to bind their macs to a windows domain with relative ease. The following video show how to bind OSX Mavericks to …
Are you ready to implement Active Directory best practices without reading 300+ pages? You're in luck. In this webinar hosted by Skyport Systems, you gain insight into Microsoft's latest comprehensive guide, with tips on the best and easiest way…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question