Yes I know when they connect true VPN as they are in the LAN. BUT not if you use the firewall like we do since you can make a policy in it and only allow traffic on port 3389. So if we have this scenario and connect with RDP and the client also mapp is local drives to the RDP will he use same functions as he does as if he just connect to a server true the LAN - NETBIOS.... ? And IF so is it same for ICA protocol? I am sorry but my english is not good enough to explain how RPC works as a part in the file sharing. BUT maybe this will give a hint? The first DCOM hole was discovered on the client side, where supplying arbitrarily large and malformed parameters via the local DCOM API caused a local program crash. The exploit took advantage of a buffer overflow regarding the NetBIOS name portion of a fileshare name. If the NetBIOS name is above 32 bytes in length supplied to the CoGetInstanceFromFile () function, it would cause a crash in RPCSS.EXE and kill the Microsoft RPC service. Eventually LSD made the jump to remotely exploiting the problem by hand crafting DCOM request packets that contained the malformed parameter Best regards Johan Med vänlig hälsning Johan Martens Teknik/Agdadrift avdelningen. Agda Lön AB Långskeppsgatan 9, 262 71 Ängelholm Tel 0431-44 94 00 Fax 0431-160 13 mailto:johan@xxxxxxx www.agda.se ________________________________ Från: thin-bounce@xxxxxxxxxxxxx genom Steve Greenberg Skickat: fr 2007-03-02 17:12 Till: thin@xxxxxxxxxxxxx Ämne: [THIN] Re: RPC and RDP Can you explain how RPC works as part of file sharing? When you grant VPN access in this fashion the end user does have the same access as if they were local, I just don't know how RPC works as part of CIFS file sharing.... Steve Greenberg Thin Client Computing 34522 N. Scottsdale Rd D8453 Scottsdale, AZ 85262 (602) 432-8649 www.thinclient.net steveg@xxxxxxxxxxxxxx ________________________________ From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Johan Martens Sent: Friday, March 02, 2007 3:10 AM To: thin@xxxxxxxxxxxxx Subject: [THIN] RPC and RDP Hi guys, I had a discussion with my boss the other day about RPC and RDP. If one of our employees connect to our firewall true VPN and then connect to a Terminal server and the map local drives are mapped true the session. Is it possible for a virus which uses RPC to go true this session, eg does the RDP protocol use the RPC to map the drives like ordinary windows drive mapping does? Thansk for answers Best regards Johan