RE: [fw-wiz] firewall for MS RPC
From: Daniel Chemko (dchemko_at_smgtec.com)
To: "Tichomir Kotek" <firstname.lastname@example.org>, "fw" <email@example.com> Date: Mon, 5 Apr 2004 09:01:41 -0700
> Is there a firewall/solution/workaround that does it better ?
MS-RPC, which is really DCE-RPC is well documented. It is a public
standard, so many shouldn't have a problem implementing the standard if
they really wanted to. Mind you, there are also secure variants of
DCE-RPC where they are SSL protected. In this mode, you can't use L7
filters and you may be able to NAT the session. This is one of the built
in features of SSL to not allow you to intercept traffic. I have not
looked into DCE, so there may be workarounds that I'm not aware of.
That said, having MSRPC with a windows machine open on the internet is
pretty frigging dangerous. I'd avoid it like the plague.
> there are workaround I'm aware of :
> 1. RPC over HTTP/HTTPS - requires ISS server
> 2. PPTP/L2TP tunnel with/without IPsec
I'd go with #2
firewall-wizards mailing list