Re: Flaw in RPC Endpoint Mapper - NT 4.0 FIX

From: Hector Santos (nospam@nospam.com)
Date: 03/31/03 

From: "Hector Santos" <nospam@nospam.com>
Date: Mon, 31 Mar 2003 06:52:10 -0500

"S. Pidgorny [MVP]" <slavickp@yahoo.com> wrote in message
news:u4y1In29CHA.1808@TK2MSFTNGP12.phx.gbl...
> Hector,
>
> Microsoft follows supposedly open DCE specifications for RPC and some
other
> DCE protocols (Outlook/Exchange TNEF). Hardly local RPC (LRPC) requires
open
> port for endpoint on the network interface.
>
> I work for organisation that runs several hundred NT servers despite
> significant effort to upgrade. I don't like MS not fixing the
vulnerability
> and the way it's made official. However I understand that Microsoft cannot
> support all the versions forever. I don't hear complaints about NT 3.51
not
> being fixed...

NT 3.51 I can understand.

But NT 4.0 is still a viable system to 75% of the market base and the flaw
according to reports is major, so it should be fixed. On the one hand, they
see its an "architectural limitations" but on the other they say its a
"infeasible" fix.

If microsoft has learned one thing, is that the market has a short attention
span. So they will react according to the noise. If it quiet downs, they
win and customer base loses, especially we developers lose once again. This
is even more significant for us since we have a NT 4.0 add-on product for
our client/server and if customers are forced to upgrade, they will lose the
add-on which puts the pressure on us now. Until we get our add-on upgraded
W2K/XP, it presence a major delima.

This is why I need to know the DETAILS to see if we need to do something as
far a hook or something or even if it needs to be highlighted it to our
customers. As I mention, we don't use the Endpoint mapper. We have our own
advertisting server logic. But from I see so far, port 135 is used for
MORE than just the endpoint mapping. I have not checked our NT 4.0 server,
but on my Windows 2000 machine, you can't turn off the Endpoint Mapping
service, from what I can see.

Anyway, I appreciate your input

Relevant Pages

  • Re: Flaw in RPC Endpoint Mapper - NT 4.0 FIX
    ... Microsoft follows supposedly open DCE specifications for RPC and some other ... port for endpoint on the network interface. ...
    (microsoft.public.security)
  • RE: Will ISA2004 do this?
    ... behind the endpoint will be able to use the tunnel to access the ... between ISA 2004 Firewall and a hardware firewall router. ... Implementing Checkpoint NG R55 Firewall and Microsoft ISA 2004 Firewall ... This newsgroup only focuses on SBS technical issues. ...
    (microsoft.public.windows.server.sbs)
  • Re: Sql server 2005 Endpoints? An error (0x80070005) occurred while attempting to register the endpo
    ... I verified that port 80 is free with netstat and here is your output. ... Cannot find the object "myEndPoint" because it does not exist or you do ... register endpoint 'MyEndpoint' on the specified URL. ...
    (microsoft.public.sqlserver.connect)
  • Re: USB device class is CDC class - which device driver to write.
    ... Baud rate, etc. settings are sent via control requests to Endpoint 0" ... &Read on to the port handle with specific baudrate given by my ...
    (microsoft.public.development.device.drivers)
  • Re: ISDN phone lines
    ... > (An endpoint with both is smart enough to route incoming calls to POTS vs. ... > data port.) ... Do most of the ISDN phone "systems" have this ability? ...
    (sci.electronics.basics)