There's been an update to ipFilters.xls (Excel spreadsheet) on the MS ftp site. It contains a fairly useful list of ports used by Windows NT, MS and a couple of other folk's applications. Look in their Internet Services Network directory: ftp://ftp.microsoft.com/services/isn/ossbss/security/ A friendly version of the same would make a welcome addition to the MS security site.. ..as would things like the (alleged) premier support customers only Knowlege Base article Q154596: Limiting the RPC ports used by DMZ NT Systems through a firewall. Holding back such obviously useful security articles does seem to undermine MS claims of concern for their customer's security. I'm not rich enough to know if the solution is documented in the above article, so has anyone suceeded in forcing NT RPC services to use a fixed range of ports via the relevant RPC registry settings? I tried that once on an IIS box, in an attempt to ensure any open RPC ports were guaranteed to fall within a filtered range. Iirc, it partly worked but some other bad things happened. -Alan-
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:45:14 PDT