Re: [fw-wiz] Outlook Web Access - Paranoid?

From: Mikael Olsson (mikael.olsson@clavister.com)
Date: 11/28/02


From: Mikael Olsson <mikael.olsson@clavister.com>
To: Christopher Lee <complexity@bigfoot.com>
Date: Thu Nov 28 19:42:01 2002

Christopher Lee wrote:
>
> While the number of RPC ports one must open to allow OWA (or any MS DCOM apps)
> to work is insane, that doesn't mean you have to open them manually. Check Point
> firewall (for example) has the smarts to be able to open them dynamically as
> needed. This way, unless the intruder is able to forge the same DCOM/RPC
> communications, the exposure is not all that bad...

Ah, yes, and such mechanisms are of course entirely impossible to fool
into opening up arbitrary ports of the attacker's choice. </sarcasm>

Fortunately, the set of RPC ports used can be reduced. And, quite
frankly, if I have to do RPC through a firewall (yuck, argh, ptooiiee),
I'd rather have a manageable small set of static holes open than
some Black Magic figuring it out for me.

More info about this at:
http://support.microsoft.com/default.aspx?scid=KB;en-us;q154596
"HOWTO: Configure RPC Dynamic Port Allocation to Work with Firewall"

-- 
Mikael Olsson, Clavister AB
Storgatan 12, Box 393, SE-891 28 ÖRNSKÖLDSVIK, Sweden
Phone: +46 (0)660 29 92 00   Mobile: +46 (0)70 26 222 05
Fax: +46 (0)660 122 50       WWW: http://www.clavister.com
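
The static-range approach referenced above, as an added example that is not part of the original post: it sets the three registry values documented in the linked KB article (Ports, PortsInternetAvailable, UseInternetPorts under HKLM\Software\Microsoft\Rpc\Internet) and then lists listeners that fall outside the pinned range. The range 5000-5100 is a constructed sample value, and the listener check assumes a Windows version that ships Get-NetTCPConnection.

```powershell
# Added example: pin RPC dynamic port allocation to a small static range
# using the registry values described in KB154596. Run elevated.
# The range below is a constructed sample value; size it to the RPC workload.
$rpcKey   = 'HKLM:\SOFTWARE\Microsoft\Rpc\Internet'
$rpcRange = '5000-5100'

if (-not (Test-Path $rpcKey)) {
    New-Item -Path $rpcKey -Force | Out-Null
}

# Ports (REG_MULTI_SZ): one port or inclusive range per string.
New-ItemProperty -Path $rpcKey -Name 'Ports' -PropertyType MultiString `
    -Value @($rpcRange) -Force | Out-Null

# PortsInternetAvailable (REG_SZ) = Y: the ports listed in 'Ports' are the
# Internet-available set (N would make them the excluded set instead).
New-ItemProperty -Path $rpcKey -Name 'PortsInternetAvailable' -PropertyType String `
    -Value 'Y' -Force | Out-Null

# UseInternetPorts (REG_SZ) = Y: RPC servers draw from the Internet-available
# set by default.
New-ItemProperty -Path $rpcKey -Name 'UseInternetPorts' -PropertyType String `
    -Value 'Y' -Force | Out-Null

# Read the values back to confirm what was written.
Get-ItemProperty -Path $rpcKey |
    Select-Object Ports, PortsInternetAvailable, UseInternetPorts

# The setting takes effect after a reboot. Afterwards, list TCP listeners
# above 1023 that sit outside the pinned range, with the owning process,
# to spot RPC servers that did not pick up the restriction.
$lo, $hi = $rpcRange -split '-' | ForEach-Object { [int]$_ }
Get-NetTCPConnection -State Listen |
    Where-Object { $_.LocalPort -gt 1023 -and
                   ($_.LocalPort -lt $lo -or $_.LocalPort -gt $hi) } |
    Select-Object LocalAddress, LocalPort,
        @{ n = 'Process'; e = { (Get-Process -Id $_.OwningProcess).ProcessName } } |
    Sort-Object LocalPort
```

The firewall then needs static rules only for TCP 135 (the endpoint mapper) and the pinned range. Not every listener in the report is an RPC server, so check the process name before treating an entry as a leak.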

