Re: Basic security question

From: Rob Bolton (_nospam_at__nospam.com)
Date: 06/19/04

  • Next message: Ivan Brugiolo [MSFT]: "Re: Basic security question" 
    Date: Sat, 19 Jun 2004 09:11:27 -0400

    > This seems the case of the "net use \\MachineName\IPC$" first before
    > using the remote resource if the RPC transport if over named pipe,
    > and if the current SubjectContext does not have a suitable security
    context
    > to negotiate authentication with the remote server.
    >
    > "Programming Windows Security" form Keith Brown is good book.

    Thanks for the info. I will likely get this book having seen good reviews
    about it in the past. As for "net use \\MachineName\IPC$", this is what I
    mean when I say remote security is "murky". There's no reference to this
    under "RegConnectRegistry()" in the API nor any other reference to
    "WNetAddConnection2()", etc. Things just fail and you're left trying to
    figure out why (a painful and often fruitless process). Other issues are
    also problematic, like trying to use WMI against a Win2003 Server machine. I
    can't get past access denied errors that shouldn't be happening based on my
    understanding of the issues. My investigation has led me to believe it may
    be a firewall issue under Win2003 Server since it apparently has its own
    native firewall that's on by default (blocking the WMI-based COM calls). If
    so then a hole must be poked in the blocking port (haven't tested this yet)
    but a commercial application can't force its users to do this (nor tell them
    that in order to use the app, they must resort to a technically challenging
    operation that most users won't even undestand). In any case, security is a
    deep subject and these remote issues in particular are poorly documented. As
    a 20+ year C/C++ developer on Microsoft platforms, I'm hardly a novice
    either. Thanks again for the feedback.

  • Next message: Ivan Brugiolo [MSFT]: "Re: Basic security question"

    Relevant Pages

    • SecurityFocus Microsoft Newsletter #171
      ... Better Management for Network Security ... GoodTech Telnet Server Remote Denial Of Service Vulnerabilit... ... ASPApp PortalAPP Remote User Database Access Vulnerability ...
      (Focus-Microsoft)
    • Re: How is dangerous connect to server over internet with remote d
      ... Vulnerability in Remote Desktop Protocol Could Lead to Denial of ... Microsoft MVP - Windows Security ... encryption and if i connect to server with the same ip (i configure ... Now the only thing that I usually worry about when considering RDP are ...
      (microsoft.public.security)
    • Re: How is dangerous connect to server over internet with remote d
      ... If you want to add more security, create VPN connection first, then fire up ... Vulnerability in Remote Desktop Protocol Could Lead to Denial of ... encryption and if i connect to server with the same ip (i configure ...
      (microsoft.public.security)
    • Re: OpenSSH anomaly
      ... > server via SSH because openssh would terminate the connection immediately ... Sounds like tcpwrappers was rejecting the login. ... to see if the reverse lookup on the remote IP was failing. ... Astaro Security Linux -- firewall with Spam/Virus Protection ...
      (Incidents)
    • Re: remote control program
      ... The security of the interface has nothing to do with SSL. ... the security of your online banking technology also has nothing to do with SSL. ... If the technology was not properly assessed by a qualified security team then I wouldn't trust it. ... for remote work to the same location who complains about jitter and delay ...
      (Security-Basics)