Re: Possibly a stupid question RPC over HTTP

["Daniel H. Renner" <dan () losangelescomputerhelp com>]

Daniel,

Could you please point out where you read this data?  I would like to
see this one...
-- 
Daniel H. Renner <dan () losangelescomputerhelp com>
Los Angeles Computerhelp


On Tue, 2004-10-12 at 20:54, full-disclosure-request () lists netsys com
wrote:
> Message: 18
> Date: Tue, 12 Oct 2004 12:41:56 -0700
> From: "Daniel Sichel" <daniels () Ponderosatel com>
> To: <full-disclosure () lists netsys com>
> Subject: [Full-disclosure] Possibly a stupid question RPC over HTTP
>
> This may just reflect my ignorance, but I read (and found hard to
> believe) that Microsoft has implemented RPC over HTTP. Is this not a
> HUGE security hole? If I understand it correctly it means that good old
> HTML or XML can invoke a process using standard web traffic (port 80)?
> Is there any permission checking done? what things can be invoked by RPC
> over HTTP? Jeeze, to me it looks like the barn door is now wide open. Am
> I right, and if so, how can I detect RPCs in web traffic to block this
> junk? Can ANY stateful packet filter see this stuff or is the pattern
> too broad in allowed RPCs?
>
> Again, I hope this is not a stupid question or inappropriate format for
> this, as somebody else recently said, there is already enough noise on
> this list. I would hate to see this list degenerate, it has been REALLY
> valuable to me as a network engineer on occaison.
>
> Thanks all,
> Dan Sichel
> Ponderosa telephone
> daniels () ponderosatel com


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html