DCOM and firewalls
I have read Michael Nelson's article on MSDN regarding tunnelling DCOM
through firewalls. I have come to understand that port 135 definitely
needs to be opened. The article mentions that we can limit the range
of ports that DCOM dynamically assigns to server applications. Now I
have just ONE NT Service running on my server that hosts a bunch of
COM objects. For client applications to connect to this server
through a firewall, how many ports would DCOM typically need? I mean,
I cannot put a range like 3000-4000 in the registry and ask our admin
to open 1000 ports if DCOM is going to open only one for that one
server application.
In other words, I would like to reduce the range of ports that need to
be opened. Since we have only one COM-based application running, could we
get away with restricting that range to 5 or so?