This website uses cookies. By clicking Accept, you consent to the use of cookies. Click Here to learn more about how we use cookies.
Accept
Reject
Community FAQ
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 
cancel
Turn on suggestions
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Issues with opening allowed program DLLHOST in Firewall?

MarkDunn
Engaged Sweeper

‎10-14-2010 06:50 PM

I'm having problems seeing a LOT of machines on my network due to the RPC server not responding. One of the fixes mentioned is to run this on the machines in a .cmd file:

call netsh firewall set service RemoteAdmin enable
call netsh firewall add portopening protocol=tcp port=135 name=DCOM_TCP135
call netsh firewall add allowedprogram program=%windir%\system32\wbem\unsecapp.exe name=WMI
call netsh firewall add allowedprogram program=%windir%\system32\dllhost.exe name=Dllhost

My main concern with this is allowing dllhost as a program in the firewall. Isn't this process used by many virus writers to exploit dll files?

Any thoughts would be appreciated.

Labels:
0 Kudos
3 REPLIES 3
MarkDunn
Engaged Sweeper

‎10-14-2010 07:32 PM

I'm assuming this will suffice?

http://www.lansweeper.com/kb/firewall.aspx
0 Kudos
Hemoco
Lansweeper Alumni
In response to MarkDunn

‎10-16-2010 12:57 PM

MarkDunn wrote:
I'm assuming this will suffice?

http://www.lansweeper.com/kb/firewall.aspx

Yes, in a domain this is the easiest way.
0 Kudos
Hemoco
Lansweeper Alumni

‎10-14-2010 07:05 PM

All windows files can be potentially exploited if you don't install the latest Microsoft patches.

Easiest solution is to set up a group policy for the windows firewall
0 Kudos

Archive

This board contains archived posts from the retired Lansweeper Forum and Insiders Community.

New to Lansweeper?

Try Lansweeper For Free

Experience Lansweeper with your own data.
Sign up now for a 14-day free trial.

Try Now
li.common.scroll-to.top