The
solution is to do away with RPC entirely - but that's a major rewrite of things.
On the other hand, I have plenty of Unix boxes running with RPC disabled and
they run fine.
Let's
remember RPC's major functionality can be replaced, but that's at the expense of
more complex application design.
Roger
--------------------------------------------------------------
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
Roger D. Seielstad - MTS MCSE MS-MVP
Sr. Systems Administrator
Inovis Inc.
-----Original Message-----
From: Rick Kingslan [mailto:[EMAIL PROTECTED]
Sent: Thursday, September 11, 2003 12:22 AM
To: [EMAIL PROTECTED]
Subject: RE: [ActiveDir] New RPC DOSTodd,>> Anyone have a clue as to how Microsoft plans to fix the RPC system to make it more secure?Concentrate maybe one or two more people on looking at error checking on the input into the arrays/buffers in the RPC code? ;opI mean, really - a vuln lays around waiting for someone to find it for years, and in this short of a time 3 more vuls are found in roughly the same area, just different vectors? I sure hope that there is a team pouring over the code that makes up RPC.Rick Kingslan MCSE, MCSA, MCT
Microsoft MVP - Active Directory
Associate Expert
Expert Zone - www.microsoft.com/windowsxp/expertzone
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CIT)
Sent: Wednesday, September 10, 2003 2:15 PM
To: '[EMAIL PROTECTED]'
Subject: [ActiveDir] New RPC DOSOur Microsoft TAM notified us of this new issue. I waited to give them time to publish it to the various news sites.At 9AM PST, PSS will be announcing a new critical security bulletin (MS03-039). This bulletin will address an RPC denial-of-service vulnerability in Windows products. Please take the time today to go to the www.microsoft.com/security site to obtain the patch and directions for implementation. Just trying to help you stay one step ahead!I think it is very important to get this update on all your DC's even if they are behind a firewall ASAP. We managed to mitigate blaster but these RPC DOS are starting to get really nasty.Anyone have a clue as to how Microsoft plans to fix the RPC system to make it more secure?Thanks,Todd Myrick
