MSTDC Security Configuration Resources

From: Mark Deason (mdeason_at_SILVERSIDE.NET)
Date: 09/18/03

  • Next message: Russ: "Administrivia #30659 - Take a breather" 
    Date:         Thu, 18 Sep 2003 11:23:46 -0700
To: NTBUGTRAQ@LISTSERV.NTBUGTRAQ.COM

    After some digging into the MSDTC Event issue for people, the following
    should prove to be somewhat useful for those interested in the MSDTC
    Security Configuration topics and how you can educate yourself:

    What's New in COM+ 1.5 - Good Basic Information for XP/2003 administrators
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cossdk/htm/
    whatsnewcomplus_350z.asp

    DTC Security Considerations - Overview of Managing Features
    http://msdn.microsoft.com/library/default.asp?url=/library/en-us/cossdk/htm/
    pgdtc_admin_9dkj.asp

    Problem is with the last URL, it doesn't really give a person a clue as to
    how to fix it. I've come up with a brief instruction on where you can find
    the interface for affecting those settings on the related platforms.

    Windows XP / Windows Server 2003:

     - Open Component Services from the Administrative Tools

     - Below the Menu Bar is a "Computer" Icon, mouse over it should read,
    "Configure My Computer", Click it.

     - Click on the "MSDTC" Tab and down at the bottom is the "Security
    Configuration..." button, Click it.

     - You now have the keys to the kingdom that is MSDTC.

    As a special extra for those that don't know, the Default Properties Tab is
    where you can find:
    "Enable Distributed COM on this computer" checkbox. Mileage on how well
    that actually functions is anyone's guess...

    Disclaimer: Research your operations/requirements before attempting any
    changes that would break your system. I take no responsibility for you
    blowing your configuration/system by providing this information.

    Hope this helps those of you to minimize some of those vectors.

    Thanks,

    Mark Deason
    Director of IT
    Silverside Equipment Inc. 

    ----
Are You "Certifiable"? Summer's Hottest Certification Just Got HOTTER!
With a growth rate exceeding 110%, the TICSA security practitioner
certification is one of the hottest IT credentials available.  And now, for
a limited time, you can save 33% off of the TICSA certification exam! To
learn more about the TICSA certification, and to register as a TICSA
candidate online, just go to
http://www.trusecure.com/offer/s0100/
----
  • Next message: Russ: "Administrivia #30659 - Take a breather"