Re: RPC
- From: "Steve Riley [MSFT]" <steve.riley@xxxxxxxxxxxxx>
- Date: Tue, 28 Oct 2008 21:58:29 -0700
Jmnts, you have a human problem, not a technical one. Human problems require human solutions.
--
Steve Riley
steve.riley@xxxxxxxxxxxxx
http://blogs.technet.com/steriley
Protect Your Windows Network: http://www.amazon.com/dp/0321336437
"S. Pidgorny" <slavickp@xxxxxxxxx> wrote in message news:ui8u0WAOJHA.728@xxxxxxxxxxxxxxxxxxxxxxx
It is an option.
You can mitigate the risk of having credentials granting access to key systems available to untrusted parties, but the cost generally outweighs the credential management bits.
--
Svyatoslav Pidgorny, MCSE, RHCE
-= F1 is the key =-
Jmnts wrote:
Unfortunately that's not an option.
"S. Pidgorny" wrote:
If you want to attack the problem head-on - change the credentials in question.
--
Svyatoslav Pidgorny, MCSE, RHCE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Jmnts wrote:
Ok, here's the problem: I have an App that uses RPC and allocates port 5000 for admin tasks. I suspect (in fact I'm sure, because I saw the App logs) that a given user is using his old credentials to access that App Admin port to do something that he is not supposed to do (we already talked with the guy, but it is too complicated to explain). We need yourselves to lock that port to that user.
Is this possible using windows server? We also must be sure that this won't break other users in the app.
"S. Pidgorny" wrote:
Yes, I'm saying to block the port using Windows Firewall. Apart from RPC, not many protocols use dynamic and random port numbers, so you can be almost certain that you're blocking RPC - unless you have another process on the system that can listen on port 5000.
Also - to block RPC from selected sources, block access to the endpoint mapper (port 135) and not to the dynamic range.
--
Svyatoslav Pidgorny, MCSE, RHCE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Jmnts wrote:
Hi S. Pidgorny,
-Are you saying to just go to the Windows FW and lock (for example) port 5000?
-How do I refer that it is an RPC port?
Thank you for your time
"S. Pidgorny" wrote:
No. Use firewall?
--
Svyatoslav Pidgorny, MCSE, RHCE
-= F1 is the key =-
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
Jmnts wrote:
Hi everyone,
Is it possible to configure in a server an RPC setting that blocks a specific RPC port for a specific machine?
* http://sl.mvps.org * http://msmvps.com/blogs/sp *
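The firewall approach discussed in the thread, as an added example that is not part of the original posts: it checks which process owns port 5000, then blocks that port (and optionally the endpoint mapper on 135) for one source address only. It assumes the NetSecurity cmdlets of Windows Server 2012 or later; the address 192.0.2.10 and the rule names are placeholders.

```powershell
#Requires -RunAsAdministrator
# Added example; all values below are assumptions to adjust for your environment.
$AdminPort           = 5000              # admin port named in the thread
$BlockedSource       = '192.0.2.10'      # placeholder address of the machine to block
$RulePrefix          = 'Block-AppAdmin'  # hypothetical rule name prefix
$BlockEndpointMapper = $false            # $true also cuts this source off from all RPC lookups on 135

# 1. Confirm what is listening on the port before filtering it,
#    since another process on the system could own 5000.
$listeners = Get-NetTCPConnection -LocalPort $AdminPort -State Listen -ErrorAction SilentlyContinue
if (-not $listeners) {
    Write-Warning "Nothing is listening on TCP $AdminPort; no rule created."
    return
}
$listeners | Select-Object -Property LocalAddress, LocalPort, OwningProcess -Unique | ForEach-Object {
    $proc = Get-Process -Id $_.OwningProcess -ErrorAction SilentlyContinue
    '{0}:{1} owned by PID {2} ({3})' -f $_.LocalAddress, $_.LocalPort, $_.OwningProcess, $proc.ProcessName
}

# 2. Create inbound block rules scoped to the single remote address.
#    Block rules take precedence over allow rules, and every other
#    source keeps whatever access the existing rules give it.
$ports = [ordered]@{ AdminPort = $AdminPort }
if ($BlockEndpointMapper) { $ports['EndpointMapper'] = 135 }

foreach ($name in $ports.Keys) {
    $display = "$RulePrefix-$name-$BlockedSource"
    if (Get-NetFirewallRule -DisplayName $display -ErrorAction SilentlyContinue) {
        continue   # rule already present, do not duplicate it
    }
    New-NetFirewallRule -DisplayName $display -Direction Inbound -Action Block `
        -Protocol TCP -LocalPort $ports[$name] -RemoteAddress $BlockedSource `
        -Profile Any | Out-Null
}

# 3. Read the rules back so the scope (one address, named ports) can be reviewed.
Get-NetFirewallRule -DisplayName "$RulePrefix-*" | ForEach-Object {
    $addr = $_ | Get-NetFirewallAddressFilter
    $port = $_ | Get-NetFirewallPortFilter
    [pscustomobject]@{
        Rule          = $_.DisplayName
        Action        = $_.Action
        RemoteAddress = $addr.RemoteAddress
        LocalPort     = $port.LocalPort
    }
}
```

The rules match a source address, not a user account, so they do not stop the same credentials from being used on another machine.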