Security Basics mailing list archives
RE: RPC over 80
From: "Depp, Dennis M." <deppdm () ornl gov>
Date: Tue, 19 Jul 2005 08:44:00 -0400
First you want to run this over https, port 443 not http port 80. The disadvantage is your exchange servers and domain controllers need to be running Windows 2003. Your clients all need to be Windows XP SP1 (w/ a hotfix) or SP2 and have Office 2003. If you are using username and password to get into your VPN, the security is comparable. RCP over http(s) does not allow for any two factor authentication (one time passwords or smart cards) Also I don't think there is any type of inactivity disconnect with RPC over http(s). Advantages is it is much easier on the end user. Often all people need from the internal network is access to email. Denny -----Original Message----- From: Corey Watts-Jones [mailto:cwattsjones () rogers com] Sent: Thursday, July 14, 2005 9:50 AM To: security-basics () securityfocus com Subject: RPC over 80 G'day list, Just to grab some opinions from the list, we're trying to cut our usage of VPNs down for a lot of our clients as password management seems to be an issue for a lot of our users (shocker, eh?). So, a suggested alternative for users that just need access to their Exchange accounts has been RPC over 80, to allow them to use their full outlook clients instead of OWA. Any advantages, disadvantages or known problems with this? Thanks in advance! Corey Watts-Jones BIT Incorp. Network Technician
Current thread:
- RPC over 80 Corey Watts-Jones (Jul 18)
- RE: RPC over 80 Sarbjit Singh Gill (Jul 20)
- <Possible follow-ups>
- RE: RPC over 80 Depp, Dennis M. (Jul 20)