Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

RE: FW-1 and RPC with MSDTC

From: Ben Nagy <ben.nagy () marconi com au>
Date: Mon, 15 Jan 2001 13:51:21 +1030
-----Original Message-----
From: Darren Reed [mailto:darrenr () reed wattle id au]

[...]

To reiterate, when I wrote a proxy for Microsoft's RPC I
was not able to set up filtering on the RPC call itself, only 
decode the
lookup and reply, looking for IP addresses and port numbers 
to remember
for future use in client-server filtering.


Which is still useful work. Will this proxy be making into IPFilter in any
form (maybe similar to the OpenBSD ftp "proxy")? It would be a whole lot
easier to permit ms-rpc than to start registry hacking for Exchange servers
that are confined to a DMZ. Not much more secure, until you get some docs on
the packet internals, but easier. ;)


Darren


Cheers,
--
Ben Nagy
Marconi Services
Network Integration Specialist
Mb: +61 414 411 520  PGP Key ID: 0x1A86E304
_______________________________________________
firewall-wizards mailing list
firewall-wizards () nfr com
http://www.nfr.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: