|
Currently I've been examining RPC
services through firewalls. Since RPC services require a portmapper to map RPC
program id's into physical port numbers there need to be a lookup for RPC
services. Due to some reason (possibly caching) sometimes this lookup step is
ignored and the RPC program functions over the previously mapped port. My
question is how the firewall could handle this RPC request without intercepting
the first query and obtaining the physical port in case of cached RPC
connection.
Emrah Billu
|
