Windows DNS/RPC Vulnerability
Just wanted to point everyone to this post that details how to disable the vulnerable RPC service on your DNS servers and domain controllers.
As I’ve said in the past, RPC will be a target for the foreseeable future. RPC is essential to Windows’ networking and thus essential to protect. If you have hosts exposed to the public Internet, they should NOT have RPC exposed. Hosts on your protected LAN should also be protected as much as possible. As I said yesterday, protect your core assets with defensive VLAN ACLs, firewalls and other choke-points so that you can control who talks to your servers and how. It’s a lot of work but in the long run you won’t suffer as much from zero days like this one.
RSS feed for comments on this post.
TrackBack URI
