Security Defects

TheMSsForum.com: The Microsoft Software Forum

What are the threats posed by RPC (Remote Procedure Call) and by DCOM
in XP SP2 ? (well if there are any !!)
Top

Re: Security Defects by Karl

Karl
Tue May 23 11:15:53 CDT 2006


<neil.bosh@gmail.com> wrote in message
news:1148366851.888273.205470@i40g2000cwc.googlegroups.com...
> What are the threats posed by RPC (Remote Procedure Call) and by DCOM
> in XP SP2 ? (well if there are any !!)

Need more information, I think. As long as you're fully patched, and IPSec
or a firewall of some sort is preventing inbound access from the Internet
and other unnecessary IP addresses, there shouldn't be a lot of risk.
Having said that, these are technologies you should primarily be using on an
internal, semi-trusted network, and/or with good security countermeasures
like firewall and antivirus. Having RPC enabled and available to remote
systems definitely adds some risk.

One issue with RPC is that it could allow someone to enumerate running RPC
software and listening RPC ports on the system. The software that is using
RPC must itself be written securely, to prevent unauthorized access.
Another issue is that, at least with Windows, RPC and its portmapper port
TCP/UDP 135 is a gateway that allows access to a lot of listening Windows
processes, and if a vulnerability is found in any one of them, there can be
serious trouble. Because of this, a lot of people are actively looking for
vulnerabilities that can be exploited through RPC, so future vulnerabilities
unknown today are a concern.


Top

Re: Security Defects by neil

neil
Tue May 23 17:42:14 CDT 2006

Well I am actully writing a report on: XP Network Security Features, so
i need some pro and cons on these. Well I got a of postive sides to
it, but a few negative sides, such as this one.

Let say if we are going to install XP Pro on a network, without
implementing any other firewalls, that is, relying on only XP
security...what types of threats we are exposed to ?
Well we have links to site that can help me with these, I would be
grateful as well.

Thanks

Top

Re: Security Defects by Roger

Roger
Tue May 23 20:34:55 CDT 2006

Get the Threats and Countermeasures and the XP security guides,
from MS, which you should be able to find with searches, and
checkout the discussions you can locate in these with find.
You will notice it is all relative to the nature of use of the XP.
In a stand-alone there is no real need for either, but RPC does
need to be installed if you want all things to work (it does not
however need to be bound to a nic).

<neil.bosh@gmail.com> wrote in message
news:1148424134.913697.306650@i40g2000cwc.googlegroups.com...
> Well I am actully writing a report on: XP Network Security Features, so
> i need some pro and cons on these. Well I got a of postive sides to
> it, but a few negative sides, such as this one.
>
> Let say if we are going to install XP Pro on a network, without
> implementing any other firewalls, that is, relying on only XP
> security...what types of threats we are exposed to ?
> Well we have links to site that can help me with these, I would be
> grateful as well.
>
> Thanks
>


Top

Re: Security Defects by Steven

Steven
Wed May 24 20:18:57 CDT 2006

In addition to Roger's advice check out the link below if you have not seen
it yet for the topic RPC Interface Restriction. --- Steve

http://www.microsoft.com/technet/prodtechnol/winxppro/maintain/sp2netwk.mspx

<neil.bosh@gmail.com> wrote in message
news:1148424134.913697.306650@i40g2000cwc.googlegroups.com...
> Well I am actully writing a report on: XP Network Security Features, so
> i need some pro and cons on these. Well I got a of postive sides to
> it, but a few negative sides, such as this one.
>
> Let say if we are going to install XP Pro on a network, without
> implementing any other firewalls, that is, relying on only XP
> security...what types of threats we are exposed to ?
> Well we have links to site that can help me with these, I would be
> grateful as well.
>
> Thanks
>


Top