Log In
Home
10/23/2014
Offline
Does anyone know how applications using the old VB Wrapper need to be modified to conform to the DCOM hardening requirements?
03/09/2023
Offline
I also want to know it. Please someone reply over here. Thanks in advance.
05/30/2017
Offline
The VB wrapper is no different from any other OPC COM client and will have the same issues.
If you only using to talk to servers running on the same host then you probably will not need to change anything.
If you are using remotely then you will have to follow the instructions for DCOM applications that cannot be modified.
06/10/2014
Offline
For VB6 hardening you need to focus on CoInitializeSecurity(). Wherever it is invoked pass RPC_C_AUTHN_LEVEL_PKT_INTEGRITY instead of RPC_C_AUTHN_LEVEL_NONE as authentication. If your application doesn't use it at all you could be fine. This is based on my hardening experience for a normal VB6 application without DCOM callback.
You need reach out to this wrapper's vendor for a new hardened version if possible. If vendor doesn't support it anymore, you can check my previous post here for a DCOM free/hardening free solution. Good luck!
1 Guest(s)
Usage Policy