> -----Original Message-----
> From: Laurent Thierry [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, 9 May 2000 2:01 AM
> To: [EMAIL PROTECTED]
> Subject: RE: firewalling a windows PDC
>
>
>
> Ben,
>
> Why is it so dangerous to let the RPC service activated?
> AFAIK, disabling it
> often produce performance problems (our own experience with
> CP FW-1 on NT
> machines)? Does this means that, in this very specific case,
> no compromise
> can be made between security and performance?
>
Sorry - sloppy phrasing. You're right - you _really_ don't want to _disable_
RPC. 8) "Performance problems" is a fairly mild way of describing the
results of shutting down the RPC portmapper for a firewall box. 8)
What you do want to do is protect the RPC port from external access. If you
want internal users to be able to use a domain controller, however, you must
allow access to RPC from their computers.
Cheers,
--
Ben Nagy
Network Consultant, Volante IT
PGP Key ID: 0x1A86E304 Mobile: +61 414 411 520
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
