MS_RPC_DCOM_Heap_BO Intrusion?

MS_RPC_DCOM_Heap_BO Intrusion?: Posted by Jones on July 3rd, 2004; I'm using Windows XP Pro and Norton Internet Security 2004.

I'm continuosly recieving a warning message from Norton firewall saying
MS_RPC_DOM_Heap_BO intrusion attemp and Norton has blocked it.

From the details it looks as though it is my computer trying to invade my
computer.????

Is this being caused by a legitimate program within XP and Norton is
defining it as and intrusion attempt?

I've searched on Yahoo and found a page on Symantecs site saying that this
type of warning is caused by Welchia, but I have all the patches installed,
used the removal tool and ran a full system scan for viruses all without
picking up the slightest hint of a virus. I'm new to XP and it's a new
installation, so any ideas would be much appreciated. I'm also running IIS
although because of this I have turned it off to minimise the posibilities.

Any ideas?

Cheers; Posted by Jones on July 3rd, 2004; "Jones" <none@spamnone.com> wrote in message
news:kqzFc.19780$HQ1.4900@fe2.news.blueyonder.co.u k...
And there's this one as well MS_RPC_DCOM_Buffer_Overflow; Posted by Duane Arnold on July 3rd, 2004; "Jones" <none@spamnone.com> wrote in
news:AwzFc.19786$HQ1.135@fe2.news.blueyonder.co.uk :

You need to put the machine behind the protection of a cheap NAT router
that cost as much as Norton to protect IIS.

http://www.homenethelp.com/web/explain/about-NAT.asp

Being behind the NAT router, Norton will not react to scans and attacks
and saves the machine's resouces to do other things, unless you do port
forwarding on the router opening port 80 and 20 and 21 FTP to the public.

Another element on the XP O/S I use to protect IIS is IPsec.

http://www.petri.co.il/block_ping_tr...with_ipsec.htm

http://www.analogx.com/contents/articles/ipsec.htm

The implementation of the AnalogX SecPol file will provide protection for
the machine and IIS. I use IPsec with BlackIce to protect the WEB
services. You can do the same with Norton.

Secure the XP O/S and the file system if they are not secure, then
nothing on the machine is secure.

http://www.uksecurityonline.com/index5.php

http://www.petri.co.il/block_ping_tr...with_ipsec.htm

There are plenty of aritcles out on Google on how to secure IIS.

Duane

Similar Posts

Firewall blocking an intrusion? (Microsoft Windows) by Daj
MSSP intrusion detection (Computer Security) by misc
Re: OT: Pardon My Intrusion - A Test (Computers & Technology) by StopinDaSpam
Intrusion Detection (Computer Security) by News