AFAIK, Checkpoint's NG can track the specific UUID used and allow only it to
pass.
Shimon Silberschlag
+972-3-9351572
+972-51-207130
----- Original Message -----
From: "Tichomir Kotek" <tichomir.kotek_at_lynx.sk>
To: "fw" <firewall-wizards_at_honor.icsalabs.com>
Sent: Tuesday, March 30, 2004 16:22
Subject: [fw-wiz] firewall for MS RPC
> Hi All
>
> I'm looking for a solution for firewalling MS RPC protocol
> A lot of firewalls can do app. inspection/ proxying of SUN RPC (old
portmapper)
> but except the MS ISA proxy none can do MS RPC.
> I think it's because of "closed source" nature of MS RPC (nad MS at all :)
>
> I have found closest to firewalling MS RPC is PIX with established command
set,
> (you can make ASA accept another connection from/to port/port range after
connection to 135)
> but I'd like to ask folks around here :
>
> Is there a firewall/solution/workaround that does it better ?
>
> there are workaround I'm aware of :
> 1. RPC over HTTP/HTTPS - requires ISS server
> 2. PPTP/L2TP tunnel with/without IPsec
>
>
> with regards
>
> tk
> --
> Tichomír Kotek
> _______________________________________________
> firewall-wizards mailing list
> firewall-wizards_at_honor.icsalabs.com
> http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Apr 06 2004
Intro
