Firewall Wizards mailing list archives
Re: FW-1 and RPC with MSDTC
From: Michael Nelson <mikenel () iapetus com>
Date: Fri, 12 Jan 2001 14:50:27 -0500 (EST)
On Sat, 13 Jan 2001, Darren Reed wrote:
- you can't control what port number an RPC service gets (you can only influence the range used for the random allocation)
Dynamic endpoints (TCP ports) is a feature that is not mandatory. You can use statically bound endpoints. Exchange, in fact, has registry options that let you put some of its well-known services (like the DS and IS) on specific TCP ports.
Now if you can do all that with MS RPC packets too, someone please send me the docs on how to decode the "service number" or "service name" in the RPC-loc packets. It has got to be there, else the client end cannot talk to the server, I just don't know how...anyone, please ? :)
You register interface UUIDs with the endpoint mapper. Also, see http://support.microsoft.com/support/kb/articles/Q159/2/98.ASP. I am pretty sure that CheckPoint 4.x has support for MSRPC interface filtering. -mike _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- Role of a Security Administrator Maddy (Jan 08)
- Re: Role of a Security Administrator Bennett Todd (Jan 08)
- Re: Role of a Security Administrator Webmaster (Jan 08)
- Re: Role of a Security Administrator Magosányi Árpád (Jan 08)
- FW-1 and RPC with MSDTC Javier Megias (Jan 10)
- Re: FW-1 and RPC with MSDTC Michael Nelson (Jan 11)
- Re: FW-1 and RPC with MSDTC Darren Reed (Jan 12)
- RE: FW-1 and RPC with MSDTC Andrew Helm-Cowley (Jan 12)
- Re: FW-1 and RPC with MSDTC Darren Reed (Jan 12)
- Re: FW-1 and RPC with MSDTC Michael Nelson (Jan 15)
- Re: FW-1 and RPC with MSDTC Michael Nelson (Jan 15)
- FW-1 and RPC with MSDTC Javier Megias (Jan 10)
- <Possible follow-ups>
- Re: Role of a Security Administrator Harris Raymond D JR Civ AFAA/MSI (Jan 10)