Firewall Wizards mailing list archives
RE: FW-1 and RPC with MSDTC
From: Ben Nagy <ben.nagy () marconi com au>
Date: Mon, 15 Jan 2001 13:51:21 +1030
-----Original Message----- From: Darren Reed [mailto:darrenr () reed wattle id au]
[...]
To reiterate, when I wrote a proxy for Microsoft's RPC I was not able to set up filtering on the RPC call itself, only decode the lookup and reply, looking for IP addresses and port numbers to remember for future use in client-server filtering.
Which is still useful work. Will this proxy be making into IPFilter in any form (maybe similar to the OpenBSD ftp "proxy")? It would be a whole lot easier to permit ms-rpc than to start registry hacking for Exchange servers that are confined to a DMZ. Not much more secure, until you get some docs on the packet internals, but easier. ;)
Darren
Cheers, -- Ben Nagy Marconi Services Network Integration Specialist Mb: +61 414 411 520 PGP Key ID: 0x1A86E304 _______________________________________________ firewall-wizards mailing list firewall-wizards () nfr com http://www.nfr.com/mailman/listinfo/firewall-wizards
Current thread:
- RE: FW-1 and RPC with MSDTC Ben Nagy (Jan 15)