Results 1 to 4 of 4

Thread: Understanding rpcdump

  1. #1

    Understanding rpcdump

    I'm trying to reduce security RPC security flaws in our windows environment and I'm having trouble understand RPC's and the output of rpcdump. What does it mean when when endpoints are found and how is that a vulnerability?

    Thanks a lot.
    \"I have not failed. I\'ve just found 10,000 ways that won\'t work.\" - Albert Einstein

  2. #2
    Senior Member tampabay420's Avatar
    Join Date
    Aug 2002

    try that link, it came back with a few security patches...

    This command-line tool queries Remote Procedure Call (RPC) endpoints for status and other information on RPC.

    RPC Dump interrogates the endpoint mapper database to obtain a list of every registered endpoint. If the /i switch is specified, the tool pings each endpoint to determine if the service that registered the endpoint is listening. After gathering some other statistics, RPC Dump sorts them and outputs the data.

    This tool can help to isolate network troubles involving an RPC.
    yeah, I\'m gonna need that by friday...

  3. #3
    \"I have not failed. I\'ve just found 10,000 ways that won\'t work.\" - Albert Einstein

  4. #4
    Senior Member
    Join Date
    Oct 2001
    I guess you could use RPCdump in order to see on what ports RPC is listening. But RPCdump is not intended to be used as a security tool. Instead it is to get a current status of the rpc endpoint mapper to troubleshoot communication issues related to normal RPC traffic. This tool is espcially useful in Win2k AD and Exchange2k environments.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts