microsoft.public.windowsxp.security_admin

"David H. Lipman" wrote in message
news:eY0Kwl6iIHA.1184@TK2MSFTNGP04.phx.gbl...

> My last feedback -- don't rely on information on GRC, the scare monger.
> Gibson made his money selling a program to change the interleave of
> MFM/RLL drives when
> there were free alternatives.
> Gibson is not an authorative source for INFOSEC related information.
>
> And yes, my BEFSRxx, with ports specifically being blocked, is 100%
> reliable.
>
> --
> Dave
Dave, I don't know if you are aware of the tweak to disable NetBios without
editing the Registry :
http://security.symantec.com/sscv6/NetBIOS_FAQ.asp?langid=ie&venid=sym&plfid=23&pkj=VRZCCSCEFRQBCBZLSRZ
I checked my services and I already had COM+ Sys App service disabled; I
believe most users with standalone PC's can safely disable this service.
(That is, even without disabling DCOM as per the OP's instructions).
Even after you disable NetBios as per the instructions on the Symantec
website, you cannot disable the NetBios service; it is still needed for
connectivity for some reason. You would still need to block ports 135-138 in
your router after making this tweak.

--
Allan