http://mcwresearch.com/archives/367 Things I think I've thought about Sun, 07 Sep 2008 01:12:06 +0000 http://wordpress.org/?v=2.5.1 http://mcwresearch.com/archives/367#comment-1219 mcwresearch.com » Windows DNS/RPC Vulnerability Sat, 14 Apr 2007 14:18:10 +0000 http://mcwresearch.com/archives/367#comment-1219 [...] As I’ve said in the past, RPC will be a target for the foreseeable future. RPC is essential to Windows’ networking and thus essential to protect. If you have hosts exposed to the public Internet, they should NOT have RPC exposed. Hosts on your protected LAN should also be protected as much as possible. As I said yesterday, protect your core assets with defensive VLAN ACLs, firewalls and other choke-points so that you can control who talks to your servers and how. It’s a lot of work but in the long run you won’t suffer as much from zero days like this one. [...] [...] As I’ve said in the past, RPC will be a target for the foreseeable future. RPC is essential to Windows’ networking and thus essential to protect. If you have hosts exposed to the public Internet, they should NOT have RPC exposed. Hosts on your protected LAN should also be protected as much as possible. As I said yesterday, protect your core assets with defensive VLAN ACLs, firewalls and other choke-points so that you can control who talks to your servers and how. It’s a lot of work but in the long run you won’t suffer as much from zero days like this one. [...]

]]>