RE: [ActiveDir] New RPC DOS

[Chianese, David P.]

Title: Message

RPC over http is an absolute dream come true.  Exchange 2003 boasts this feature extensively.  I plan on implementation early 1st Qtr. next year.  (Right after our E2k upgrade is completed).     Regards,   Dave -----Original Message----- From: Michael B. Smith [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 2:38 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] New RPC DOS People have been talking about the long-term future of MAPI since at least Exchange 4.0. J   From: Bendall, Paul [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 1:57 PM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] New RPC DOS   Yeah I saw that with Windows 2003, Exchange 2003 and Outlook 2003 you can use MAPI over HTTP. But I wonder how secure this is going to be and what the long term future of MAPI is?   Paul -----Original Message----- From: Ken Cornetet [mailto:[EMAIL PROTECTED] Sent: 11 September 2003 18:43 To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] New RPC DOS They are going to start encapsulating MAPI in HTTP. -----Original Message----- From: Bendall, Paul [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 11:59 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] New RPC DOS How about IMAP, Microsoft seemed very quiet about MAPI when Exchange 2000 came out. I wonder what the long term plan is for MAPI?   Paul -----Original Message----- From: Andy David [mailto:[EMAIL PROTECTED] Sent: 11 September 2003 17:29 To: [EMAIL PROTECTED] Subject: Re: [ActiveDir] New RPC DOS All MAPI clients use RPC to communicate with the server, whether 5.5 or E200x.   ----- Original Message ----- From: Salandra, Justin A. To: '[EMAIL PROTECTED]' Sent: Thursday, September 11, 2003 11:18 AM Subject: RE: [ActiveDir] New RPC DOS   But if you use applications like Outlook with Exchange 5.5 then you can't communicate.   -----Original Message----- From: Roger Seielstad [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 9:41 AM To: '[EMAIL PROTECTED]' Subject: RE: [ActiveDir] New RPC DOS   The solution is to do away with RPC entirely - but that's a major rewrite of things. On the other hand, I have plenty of Unix boxes running with RPC disabled and they run fine.   Let's remember RPC's major functionality can be replaced, but that's at the expense of more complex application design.   Roger -------------------------------------------------------------- Roger D.. Seielstad - MTS MCSE MS-MVP Sr. Systems Administrator Inovis Inc -----Original Message----- From: Rick Kingslan [mailto:[EMAIL PROTECTED] Sent: Thursday, September 11, 2003 12:22 AM To: [EMAIL PROTECTED] Subject: RE: [ActiveDir] New RPC DOS Todd,   >> Anyone have a clue as to how Microsoft plans to fix the RPC system to make it more secure?   Concentrate maybe one or two more people on looking at error checking on the input into the arrays/buffers in the RPC code?  ;op   I mean, really - a vuln lays around waiting for someone to find it for years, and in this short of a time 3 more vuls are found in roughly the same area, just different vectors?  I sure hope that there is a team pouring over the code that makes up RPC.   Rick Kingslan  MCSE, MCSA, MCT Microsoft MVP - Active Directory Associate Expert Expert Zone - www.microsoft.com/windowsxp/expertzone     From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Myrick, Todd (NIH/CIT) Sent: Wednesday, September 10, 2003 2:15 PM To: '[EMAIL PROTECTED]' Subject: [ActiveDir] New RPC DOS Our Microsoft TAM notified us of this new issue  I waited to give them time to publish it to the various news sites.    At 9AM PST, PSS will be announcing a new critical security bulletin (MS03-039).   This bulletin will address an RPC denial-of-service vulnerability in Windows products.    Please take the time today to go to the www.microsoft.com/security site to obtain the patch and directions for implementation.    Just trying to help you stay one step ahead!   I think it is very important to get this update on all your DC's even if they are behind a firewall ASAP.  We managed to mitigate blaster but these RPC DOS are starting to get really nasty.   Anyone have a clue as to how Microsoft plans to fix the RPC system to make it more secure?   Thanks,   Todd Myrick ---------------------------------------------------------------------- If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to http://www.drkw.com/disc/email/ or contact the sender. ---------------------------------------------------------------------- ---------------------------------------------------------------------- If you have received this e-mail in error or wish to read our e-mail disclaimer statement and monitoring policy, please refer to http://www.drkw.com/disc/email/ or contact the sender. ---------------------------------------------------------------------- This e-mail and any accompanying attachments are confidential. The information is intended solely for the use of the individual to whom it is addressed. Any review, disclosure, copying, distribution, or use of this e-mail communication by others is strictly prohibited. If you are not the intended recipient, please notify us immediately by returning this message to the sender and delete all copies. Thank you for your cooperation.