Firewall Wizards mailing list archives

Previous By Date Next
Previous By Thread Next

Re: firewall for MS RPC

From: "Shimon Silberschlag" <shimons () bll co il>
Date: Sun, 4 Apr 2004 09:11:12 +0200
AFAIK, Checkpoint's NG can track the specific UUID used and allow only it to
pass.

Shimon Silberschlag

+972-3-9351572
+972-51-207130


----- Original Message -----
From: "Tichomir Kotek" <tichomir.kotek () lynx sk>
To: "fw" <firewall-wizards () honor icsalabs com>
Sent: Tuesday, March 30, 2004 16:22
Subject: [fw-wiz] firewall for MS RPC



Hi All

I'm looking for a solution for firewalling MS RPC protocol
A lot of firewalls can do app. inspection/ proxying of SUN RPC (old

portmapper)

but except the MS ISA proxy none can do MS RPC.
I think it's because of "closed source" nature of MS RPC (nad MS at all :)

I have found closest to firewalling MS RPC is PIX with established command

set,

(you can make ASA accept another connection from/to port/port range after

connection to 135)

but I'd like to ask folks around here :

Is there a firewall/solution/workaround that does it better ?

there are workaround I'm aware of :
1. RPC over HTTP/HTTPS - requires ISS server
2. PPTP/L2TP tunnel with/without IPsec


with regards

tk
--
Tichomír Kotek
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards


_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Previous By Date Next
Previous By Thread Next

Current thread: