PRO+ Premium Content/Information Security magazine

Thank you for joining!
Access your Pro+ Content below.
June 2005

Unwelcome Callers

BITS & BOLTS Insecure RPCs can leave you wide open. Take steps to protect your network. Remote Procedure Calls (RPCs) are at the heart of client/server computing, from Windows to *nix, allowing networked devices to seamlessly call services and components from one another. They're also the source of numerous vulnerabilities and exploits. RPC is ubiquitous, and that's the dilemma: You can't simply turn it off. That said, you're not without security options. RPC isn't inherently insecure: Developers can write secure code using RPC, and there are alternatives. You can defend your networks against known RPC exploits. Why RPC? Since almost every system runs RPC services, it's an obvious target. RPC reduces the complexity of network programming by handling communication over UDP. The programmer writes client/server code with identical parameters and leaves the networking to the protocol, allowing the protocol to span multiple OSes and networks. Most RPC vulnerabilities are simply the result of sloppy coding. Poor error-checking leaves ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue