Re: Enforce Strict RPC Compliance Definition
- From: "Quillman Shawn (RBNA/CSA1) *" <Shawn.Quillman@xxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Fri, 16 Sep 2005 09:30:32 -0500
Dude, don't make my brain work like that so close to a weekend. Three pots of
coffee yesterday after reading your post!
>-----
>Robert Bosch Corporation
>Technical Systems Analyst (RBNA/CSA1)
>Corporate Sales Reporting Systems
>38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA
>phone: 1 (248) 553-1164 fax: 1 (248) 848-6969
>shawn.quillman@xxxxxxxxxxxx
>http://www.bosch.us
-----Original Message-----
From: JosephK [mailto:josephk@xxxxxxxxx]
Sent: Friday, September 16, 2005 12:57 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
Not a thing just wanted to participate in the list since I've been away doing
some cool fun things.
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, September 15, 2005 9:55 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
??
What does this have to do with BIOS boot options?
Ain't no OS during the boot process.
-----Original Message-----
From: JosephK [mailto:josephk@xxxxxxxxx]
Sent: Thursday, September 15, 2005 7:41 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
Must you forget running with least privileges and using runas for all the
good admin stuff.
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Thursday, September 15, 2005 7:19 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
Ew.
The last thing I do after building out a machine is disable boot from anything
other than HDD.
If I need a different boot process, I'll be seated at the machine anyway.
-----Original Message-----
From: Quillman Shawn (RBNA/CSA1) * [mailto:Shawn.Quillman@xxxxxxxxxxxx]
Sent: Thursday, September 15, 2005 6:53 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
I do too. Not directly over RPC. I'll do it via remote desktop or Netmeeting
(for the older machines). Have only had to drive in once to jumpstart a
machine that didn't want to come back up (darn people leaving their floppies in
their drives......)
>-----
>Robert Bosch Corporation
>Technical Systems Analyst (RBNA/CSA1)
>Corporate Sales Reporting Systems
>38000 Hills Tech Drive - Farmington Hills, MI 48331 - USA
>phone: 1 (248) 553-1164 fax: 1 (248) 848-6969
>shawn.quillman@xxxxxxxxxxxx
>http://www.bosch.us
-----Original Message-----
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Thursday, September 15, 2005 7:42 AM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
I do it all the time....if I roll out new software at client sites that
requires a reboot.
S
-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Thursday, September 15, 2005 8:25 AM
To: ISA Mailing List
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
No not me. I just questions when I don't get it. Who needs to remotely shutdown
workstations anyway?
Marie doesn't trust you?
Amy
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Wednesday, September 14, 2005 11:38 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
You talked to Marie, didn't you?
<snif> - you don't trust me any more...
-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, September 14, 2005 6:42 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
The kb talks about configuring the RPC filter for a particular rule. What if I
uncheck it in system policy configuration, under Authentication, Active
Directory. Will this disable it for all rules since System Policy is higher up
than Firewall Policy?
Obviously I'm not getting how changing this setting in System Policy effects my
RPC settings in firewall policy rules where I can still, say in the Internet
access rule, have enforce strict RPC compliance checked even though in system
policy it's unchecked. What's the interaction? Or is there any?
Amy
Harbor Computer Services
Small Business Computer Specialists
Client Blog: http://smalltechnotes.blogspot.com/
Tech Blog: http://isainsbs.blogspot.com/
Website: http://www.harborcomputerservices.net/
-----Original Message-----
From: Jim Harrison [mailto:Jim@xxxxxxxxxxxx]
Sent: Wednesday, September 14, 2005 8:07 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
http://support.microsoft.com/default.aspx?scid=kb;en-us;833704
talks about it a little.
So long as you're not server publishing RPC (Exch MAPI), you haven't exposed
your workstations to anything except the ISA itself.
-----Original Message-----
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, September 14, 2005 2:28 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
Restart a PC from the server. With Enforce Strict RPC Compliance checked in
system policy you cannot remotely reboot a PC. If you uncheck it you can. PSS
recommended unchecking it but I'm wondering what the security consequences are
beyond you can now remotely reboot a PC.
Amy
________________________________
From: Steve Moffat [mailto:steve@xxxxxxxxxx]
Sent: Wednesday, September 14, 2005 5:26 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
I'm not understanding....you need to restart a pc, or you need to restart the
sbs server. Or you need to restart a pc from the SBS server?
S
________________________________
From: Amy Babinchak [mailto:amy@xxxxxxxxxxxxxxxxxxxxxxxxxx]
Sent: Wednesday, September 14, 2005 6:08 PM
To: ISA Mailing List
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
Yes, but if I uncheck that box, then I can bring down RPC.
________________________________
From: Tiago de Aviz [mailto:Tiago@xxxxxxxxxxxxxxx]
Sent: Wednesday, September 14, 2005 4:44 PM
To: [ISAserver.org Discussion List]
Subject: [isalist] Re: Enforce Strict RPC Compliance Definition
http://www.ISAserver.org
I don't think so, because the workstation booted because you could bring down
RPC, right? Since that's corrected there's no need to worry.
Tiago de Aviz
SoftSell - Curitiba
(41) 3340-2363
www.softsell.com.br
Esta mensagem, incluindo seus anexos, tem caráter confidencial e seu conteúdo é
restrito ao destinatário da mensagem. Caso você tenha recebido esta mensagem
por engano, queira por favor retorná-la ao destinatário e apagá-la de seus
arquivos. Qualquer uso não autorizado, replicação ou disseminação desta
mensagem ou parte dela é expressamente proibido. A SoftSell não é responsável
pelo conteúdo ou a veracidade desta informação.
>>> amy@xxxxxxxxxxxxxxxxxxxxxxxxxx 14/9/2005 17:41 >>>
http://www.ISAserver.org
In system policy if I uncheck Enforce strict RPC compliance, I'm told that you
can now remotely shut down workstations. What else have I opened my
workstations up to? Blaster?
Amy
Harbor Computer Services
Small Business Computer Specialists
Client Blog: http://smalltechnotes.blogspot.com/
Tech Blog: http://isainsbs.blogspot.com/
Website: http://www.harborcomputerservices.net/
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
<http://www.isaserver.org/pages/newsletterasp>
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
tiago@xxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
________________________________
The correct technical term for haggis stalking is "havering".
<http://haggishunt.scotsman.com/haggisclopedia.cfm?part=5>
________________________________
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
amy@xxxxxxxxxxxxxxxxxxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
isalist@xxxxxxxxxx To unsubscribe visit
http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
The correct technical term for haggis stalking is "havering".
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
josephk@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
jim@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
All mail to and from this domain is GFI-scanned.
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
josephk@xxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
------------------------------------------------------
List Archives: http://www.webelists.com/cgi/lyris.pl?enter=isalist
ISA Server Newsletter: http://www.isaserver.org/pages/newsletter.asp
ISA Server FAQ: http://www.isaserver.org/pages/larticle.asp?type=FAQ
------------------------------------------------------
Visit TechGenix.com for more information about our other sites:
http://www.techgenix.com
------------------------------------------------------
You are currently subscribed to this ISAserver.org Discussion List as:
shawn.quillman@xxxxxxxxxxxx
To unsubscribe visit http://www.webelists.com/cgi/lyris.pl?enter=isalist
Report abuse to listadmin@xxxxxxxxxxxxx
Other related posts:
