RE: [fw-wiz] firewall for MS RPC

From: Daniel Chemko (dchemko_at_smgtec.com)
Date: 04/05/04

  • Next message: Christopher Lee: "RE: [fw-wiz] firewall for MS RPC"
    To: "Tichomir Kotek" <tichomir.kotek@lynx.sk>, "fw" <firewall-wizards@honor.icsalabs.com>
    Date: Mon, 5 Apr 2004 09:01:41 -0700
    
    

    > Is there a firewall/solution/workaround that does it better ?

    MS-RPC, which is really DCE-RPC is well documented. It is a public
    standard, so many shouldn't have a problem implementing the standard if
    they really wanted to. Mind you, there are also secure variants of
    DCE-RPC where they are SSL protected. In this mode, you can't use L7
    filters and you may be able to NAT the session. This is one of the built
    in features of SSL to not allow you to intercept traffic. I have not
    looked into DCE, so there may be workarounds that I'm not aware of.

    That said, having MSRPC with a windows machine open on the internet is
    pretty frigging dangerous. I'd avoid it like the plague.

    > there are workaround I'm aware of :
    > 1. RPC over HTTP/HTTPS - requires ISS server
    > 2. PPTP/L2TP tunnel with/without IPsec

    I'd go with #2
    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


  • Next message: Christopher Lee: "RE: [fw-wiz] firewall for MS RPC"