Re: RPC over HTTPs through ISA 2006, still a security hole?
- From: "Edward Ray" <ewray@xxxxxxxxxxxxxxxx>
- Date: Fri, 8 Dec 2006 08:13:50 -0800
With ISA 2006 I use the SSL certificate (including private key, VERY IMPORTANT) in "SSL Listener" that is the same as on my Exchange Server 2003. According to what I have read, this should provide for decryption and inspection of traffic.
--
Edward Ray
CCIE Security, CISSP, GCIA Gold, GCIH Gold, MCSE+Security, PE
"Henrik Zawischa" <hzawischa@xxxxxxxxxxxxx> wrote in message news:OsRTs2qGHHA.4580@xxxxxxxxxxxxxxxxxxxxxxx
> Henrik Zawischa wrote:
>> Big Daddy Jay wrote:
>>> Is the following still true (or better yet can I get confirmation this is/was
>>> the case with ISA 2004 even) with ISA 2006??
>>>
>>> RPC-Over-HTTP Traffic Not Inspected
>>>
>>> Problem: RPC over HTTP traffic encrypts the RPC data in HTTP. RPC over HTTP
>>> data is not inspected by ISA Server 2004.
>>>
>>> Cause: In regular Web publishing scenarios, ISA Server can inspect the HTTP
>>> headers and body. However, the RPC filter designed to inspect RPC traffic
>>> cannot inspect RPC over HTTP requests, and does not protect against RPC
>>> exploits reaching the Exchange server. In outbound scenarios, RPC over HTTP
>>> requests over SSL are tunneled, and no inspection takes place of the HTTP
>>> headers or body following the initial connection.
>>
>> At least it is not logged. The HTTP-filter works, you can limit the
>> methods, extensions, URL and query length. All these work.
>>
>> Henrik
>
> Forgot the main part: as far as I can see, RPC filters are still not
> applied.