Re: Enforce Strict RPC Compliance Definition

• From: "Amy Babinchak" <amy@xxxxxxxxxxxxxxxxxxxxxxxxxx>
• To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
• Date: Thu, 15 Sep 2005 07:25:20 -0400

No not me. I just questions when I don't get it. Who needs to remotely shutdown 
workstations anyway?

Marie doesn't trust you? 

Amy

 
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 11:38 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

http://www.ISAserver.org

You talked to Marie, didn't you?
<snif> - you don't trust me any more...

-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 6:42 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

http://www.ISAserver.org

The kb talks about configuring the RPC filter for a particular rule. What if I 
uncheck it in system policy configuration, under Authentication, Active 
Directory. Will this disable it for all rules since System Policy is higher up 
than Firewall Policy? 

Obviously I'm not getting how changing this setting in System Policy effects my 
RPC settings in firewall policy rules where I can still, say in the Internet 
access rule, have enforce strict RPC compliance checked even though in system 
policy it's unchecked. What's the interaction? Or is there any?

Amy
 
Harbor Computer Services
Small Business Computer Specialists
 
 
Client Blog: http://smalltechnotes.blogspot.com/
Tech Blog: http://isainsbs.blogspot.com/
Website: http://www.harborcomputerservices.net/
 

 

-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 8:07 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

http://www.ISAserver.org

http://support.microsoft.com/default.aspx?scid=kb;en-us;833704

talks about it a little.
So long as you're not server publishing RPC (Exch MAPI), you haven't exposed 
your workstations to anything except the ISA itself.

-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 2:28 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

http://www.ISAserver.org


Restart a PC from the server. With Enforce Strict RPC Compliance checked in 
system policy you cannot remotely reboot a PC. If you uncheck it you can. PSS 
recommended unchecking it but I'm wondering what the security consequences are 
beyond you can now remotely reboot a PC.

Amy

________________________________

From: Steve Moffat [mailto:steve@xxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 5:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

 

http://www.ISAserver.org

I'm not understanding....you need to restart a pc, or you need to restart the 
sbs server. Or you need to restart a pc from the SBS server?

 

S

 

________________________________

From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 6:08 PM
To: ISA Mailing List
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

http://www.ISAserver.org

Yes, but if I uncheck that box, then I can bring down RPC.

________________________________

From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx] 
Sent: Wednesday, September 14, 2005 4:44 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition

 

http://www.ISAserver.org

I don't think so, because the workstation booted because you could bring down 
RPC, right? Since that's corrected there's no need to worry.

 

Tiago de Aviz
SoftSell - Curitiba
(41) 3340-2363
www.softsell.com.br 
 
Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é 
restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem 
por engano, queira por favor retorná-la ao destinatário e apagá-la de seus 
arquivos. Qualquer uso não autorizado, replicação ou disseminação desta 
mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável 
pelo conteúdo ou a veracidade desta informação.


>>> amy@xxxxxxxxxxxxxxxxxxxxxxxxxx 14/9/2005 17:41 >>>

http://www.ISAserver.org

In system policy if I uncheck Enforce strict RPC compliance, I'm told
that you can now remotely shut down workstations. What else have I
opened my workstations up to? Blaster?

Amy

Harbor Computer Services
Small Business Computer Specialists

Client Blog: http://smalltechnotes.blogspot.com/
Tech Blog: http://isainsbs.blogspot.com/
Website: http://www.harborcomputerservices.net/



------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp 
<http://www.isaserver.org/pages/newsletterasp> 
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
tiago@xxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
isalist@xxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx 

________________________________

The correct technical term for haggis stalking is "havering". 
<http://haggishunt.scotsman.com/haggisclopedia.cfm?part=5>  

________________________________



All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

All mail to and from this domain is GFI-scanned.


------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as: 
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx

Other related posts:

• » Enforce Strict RPC Compliance Definition
• » RE: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » RE: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition
• » Re: Enforce Strict RPC Compliance Definition

1. Home
2. isalist
3. Archive
4. 09-2005

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---