This section provides best practice recommendations for writing a secure RPC client or server.

The information in this section applies to Windows 2000 and Windows XP. This section applies to all protocol sequences, including ncalrpc. Developers tend to think ncalrpc is not a probable target for an attack, which is not true on a terminal server where potentially hundreds of users have access to a service, and compromising or even bringing down a service can lead to acquiring extra access.

This section is divided into the following topics:

• Which Security Provider To Use
• Controlling Client Authentication
• Choosing an Authentication Level
• Choosing Security QOS Options
• Common Mistake: Assuming RpcServerRegisterAuthInfo Prevents Unauthorized Users from Calling your Server
• Callbacks
• Null Sessions
• Use the /robust Flag
• IDL Techniques for Better Interface and Method Design
• Strict and Type Strict Context Handles
• Do Not Trust Your Peer
• Do Not Use Endpoint Security
• Be Wary of Other RPC Endpoints Running in the Same Process
• Verify The Server Is Who It Claims To Be
• Use Mainstream Protocol Sequences
• How Secure is my RPC Server Now?

Send comments about this topic to Microsoft

Build date: 10/9/2008