I'm trying to reduce security RPC security flaws in our windows environment and I'm having trouble understand RPC's and the output of rpcdump. What does it mean when when endpoints are found and how is that a vulnerability?
Thanks a lot.
Printable View
I'm trying to reduce security RPC security flaws in our windows environment and I'm having trouble understand RPC's and the output of rpcdump. What does it mean when when endpoints are found and how is that a vulnerability?
Thanks a lot.
http://search.microsoft.com/search/r...int&View=en-us
try that link, it came back with a few security patches...
http://www.microsoft.com/windows2000.../rpcdump-o.aspQuote:
rpcdump
Quote:
This command-line tool queries Remote Procedure Call (RPC) endpoints for status and other information on RPC.
RPC Dump interrogates the endpoint mapper database to obtain a list of every registered endpoint. If the /i switch is specified, the tool pings each endpoint to determine if the service that registered the endpoint is listening. After gathering some other statistics, RPC Dump sorts them and outputs the data.
This tool can help to isolate network troubles involving an RPC.
Thanks.
I guess you could use RPCdump in order to see on what ports RPC is listening. But RPCdump is not intended to be used as a security tool. Instead it is to get a current status of the rpc endpoint mapper to troubleshoot communication issues related to normal RPC traffic. This tool is espcially useful in Win2k AD and Exchange2k environments.