[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Full-Disclosure] Possibly a stupid question RPC over HTTP

To: "Daniel H. Renner" <dan@xxxxxxxxxxxxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [Full-Disclosure] Possibly a stupid question RPC over HTTP
From: "Todd Towles" <toddtowles@xxxxxxxxxxxxxxx>
Date: Wed, 13 Oct 2004 14:30:11 -0500

Are you talking about the BITS change? Where it does BITS over HTTP? 

> -----Original Message-----
> From: full-disclosure-admin@xxxxxxxxxxxxxxxx 
> [mailto:full-disclosure-admin@xxxxxxxxxxxxxxxx] On Behalf Of 
> Daniel H. Renner
> Sent: Wednesday, October 13, 2004 10:37 AM
> To: full-disclosure@xxxxxxxxxxxxxxxx
> Subject: Re: [Full-Disclosure] Possibly a stupid question RPC 
> over HTTP
> 
> Daniel,
> 
> Could you please point out where you read this data?  I would 
> like to see this one...
> --
> Daniel H. Renner <dan@xxxxxxxxxxxxxxxxxxxxxxxxxx> Los Angeles 
> Computerhelp
> 
> 
> On Tue, 2004-10-12 at 20:54, full-disclosure-request@xxxxxxxxxxxxxxxx
> wrote:
> > Message: 18
> > Date: Tue, 12 Oct 2004 12:41:56 -0700
> > From: "Daniel Sichel" <daniels@xxxxxxxxxxxxxxxx>
> > To: <full-disclosure@xxxxxxxxxxxxxxxx>
> > Subject: [Full-Disclosure] Possibly a stupid question RPC over HTTP
> > 
> > This may just reflect my ignorance, but I read (and found hard to
> > believe) that Microsoft has implemented RPC over HTTP. Is this not a
> > HUGE security hole? If I understand it correctly it means 
> that good old
> > HTML or XML can invoke a process using standard web traffic 
> (port 80)?
> > Is there any permission checking done? what things can be 
> invoked by RPC
> > over HTTP? Jeeze, to me it looks like the barn door is now 
> wide open. Am
> > I right, and if so, how can I detect RPCs in web traffic to 
> block this
> > junk? Can ANY stateful packet filter see this stuff or is 
> the pattern
> > too broad in allowed RPCs?
> > 
> > Again, I hope this is not a stupid question or 
> inappropriate format for
> > this, as somebody else recently said, there is already 
> enough noise on
> > this list. I would hate to see this list degenerate, it has 
> been REALLY
> > valuable to me as a network engineer on occaison.
> > 
> > Thanks all,
> > Dan Sichel
> > Ponderosa telephone
> > daniels@xxxxxxxxxxxxxxxx
> > 
> 
> 
> _______________________________________________
> Full-Disclosure - We believe in it.
> Charter: http://lists.netsys.com/full-disclosure-charter.html
> 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Prev by Date: [Full-Disclosure] IRC spying to increase
Next by Date: Re: [Full-Disclosure] Possibly a stupid question RPC over HTTP
Previous by thread: Re: [Full-Disclosure] Possibly a stupid question RPC over HTTP
Next by thread: Re: [Full-Disclosure] Possibly a stupid question RPC over HTTP
Index(es):
- Date
- Thread