rpc attacks

  • Thread starter Thread starter Max
  • Start date Start date
M

Max

Hi,

Much has been said about applying patches for windows servers and blocking
the perimeter firewall ports.
How about the measures network administrators should take to protect the
INTERNAL network from the recent RPC attacks? What are the steps that could
be used???

thanx
 
Blocking RPC in the internal network using a firewall
would also block most ligit traffic, I beleive the
firewall attack should concentrate blocking traffic
incoming from external networks.
 
Max said:
Hi,

Much has been said about applying patches for windows servers and blocking
the perimeter firewall ports.
How about the measures network administrators should take to protect the
INTERNAL network from the recent RPC attacks? What are the steps that could
be used???

thanx
make sure all machines are patched... all it takes is one person to take
their laptop home on an unprotected cable or dsl connection then bring it
back into your network to completely bypass all your firewalls.
 
Max said:
Hi,

Much has been said about applying patches for windows servers and blocking
the perimeter firewall ports.
How about the measures network administrators should take to protect the
INTERNAL network from the recent RPC attacks? What are the steps that could
be used???

thanx

also, monitor your router activity from inside... a huge increase in traffic
or other anomolies from inside can point to an infection.
 
Back
Top