Remote Procedure Call. What is RPCSS.EXE? Coming from a heavy Windows NT development background, I can shed some light on what rpcss.exe is actually doing. RPC is short for Remote Procedure Call; it is a means by which two programs can call each other's publically available procedures over a network, and is nothing new (in fact, UNIX systems have had this in sunrpc/portmap for years). While RPC is not, by its nature, connected to any particular service and a program can handle RPC on its own, the Win32 API upon which Windows NT and 9x are based provides a series of RPC function calls which are handled by (you guessed it!) Rpcss.exe. Originally, Windows 9x's Winsock service didn't provide RPC, so rpcss.exe was redistributed with the new Winsock that comes with newer Microsoft applications.
In any event, what rpcss.exe does is to handle a number of API calls that relate to RPC. "WAIT JUST A MINUTE," you scream as your face turns red. On Windows NT/2000, the situation is somewhat different. Windows 2000 Support Center. Services List. Services Minimization. Slipstreaming. Slipstreaming SP2 How would you like to be able to have Service Pack 2 integrated in your Win2K install files? No more installing Win2K, then applying the latest Service Pack. When you install Win2K, you are installing the latest Service Pack right along with it! Sound too good to be true? Well it isn't! Here's how to do it: First, get out your Win2K CD and copy all the files to a directory on your hard drive (I'll assume you're copying all the files to C:\win2k). If you have W2KSP2.exe, then you need to extract it using the command "W2KSP2.exe -x" (for example, "c:\downloads\W2KSP2.exe -x").
Open up a Command Prompt box (note that you must be in Win2k already to do the slipstream). Questions? For the Privacy Policy, click here. Technical Resources. Windows 2000 Updates. TCP_IP Packet Filtering. Security Considerations for Network Attacks. Services Glossary. IPSec to Lock Down a Server. The telecommunications industry is looking to innovate with new mobility scenarios, improve customer relationship management and business insight, and improve operational efficiency.
Microsoft offers a high performance platform and solutions, together with a partner ecosystem, that help to support the mission-critical operations of today’s communication service providers (CSPs). Learn More Mobile workspace Increase operational efficiency, enhance customer experience, and enable new business models with productivity and collaboration tools from Microsoft. Learn More Amazing customer experiences Match customer needs to your products and services, engage them at the right time through the right channel, and nurture them into brand advocates. Business analytics Achieve breakthrough insight into business performance and profitability, and provide an integrated view of the enterprise. Cloud and digital services NEXT: Amazing customer experiences. IPSec in Windows 2000 and XP. Introduction This article is the first of a three-part series that will describe the technical details of using Internet Protocol Security (IPSec) in a Windows 2000 and XP environment.
IPSec is an architecture consisting of several protocol standards aimed at protecting IP traffic. IPSec is commonly used to refer to the secure IP packets of the AH and ESP protocols, because these provide the major security services. This article will offer a brief overview of IPSec, as well as a look at the structure and interface for IPSec in Windows and a look at the two different modes of IPSec authentication methods for IKE in Windows. The audience for this series of articles is assumed to be system or network administrators, computer security or support professionals, and should have a working technical knowledge of Windows 2000 and TCP/IP. An Brief Overview of IPSec Although IPSec works for IPv4 and IPv6, the focus of this series is on IPv4. The Structure and Interface for IPSec in Windows. Script Policies.
Automate logon and logoff by implementing script policies In Windows 2000 (Win2K), Microsoft includes a helpful new script-related feature: script policies. Win2K script policies are a component of the Group Policy technology in Win2K. Group Policy provides you with the ability to define and control multiple computer and user environments. With script policies, you can develop, define, and run scripts based on key system events.
For example, you can create startup and shutdown scripts, and you can easily assign these scripts to one or more computer objects. Likewise, you can create and assign both logon and logoff scripts to one or more user objects. Because script policies are a component of Group Policy, the key to successfully implementing script policies begins with a good understanding of Group Policy. Group Policy comes in two flavors: local computer policy and the Active Directory (AD)-integrated Group Policy. The second and more powerful flavor of Group Policy leverages AD. Registering Programs with Client Types. This topic explains how to register a program in the Microsoft Windows registry as one of the following client types: browser, e-mail, media playback, instant messaging, or virtual machine for Java.
Note This information applies to the following operating systems: Windows 2000 Service Pack 3 (SP3)Windows 2000 Service Pack 4 (SP4)Windows XP Service Pack 1 (SP1)Windows XP Service Pack 2 (SP2)Windows Server 2003Windows Vista This topic includes the following sections. This topic extends existing documentation about registering a program as a particular client type. For links to that documentation, see the Related Topics section. Common Registration Elements for All Client Types This section discusses the following topics: All client type registration information is stored under the following subkey. HKEY_LOCAL_MACHINESoftwareClientsClientTypeName ClientTypeName is one of the following subkey names: Selecting a Canonical Name The vendor must choose a canonical name for the program.
Security Configuration Guide. Command Processor. Event & Error Messages. Product Documentation. Service Pack 3 Resources. Scripting Guide. Default Access Control Settings. Management Services Glossary. IPSec and You. Everyone wants their server to be as secure as possible, but there are many different approaches that can be taken to accomplish this end. Now Microsoft didn't invent IP Security (or IPSec for short), it was developed by them in conjunction with Cisco and the IETF, but Windows 2000 has a very robust implementation of it built in. The intent of IPSec is to help in creating secure connections between different machines, even when the software that's communicating has no knowledge of the encryption. IPSec can also be used to apply rules as to what kind of IP traffic a machine will accept, akin to a limited firewall - that part of IPSec is what this article deals with.
I'm going to assume that if you're reading this, you already have Win2k installed and know how to get to the IPSec administration portion - if you don't, please check the additional resources section. As many of you may be aware, each network interface also has TCP/IP filtering as an advanced option. Secure IIS 5 Checklist. Security Recommendation Guides. Native Win2K Processes. When you start Windows Task Manager and click the Processes tab, you see approximately 30 processes that Windows 2000 runs at startup, plus Microsoft and third-party processes that implement antivirus protection and other running applications. Some Task Manager processes (e.g., alertsvc.exe, Iexplore.exe, dns.exe, wins.exe) correlate one-for-one with a specific Win2K service; other processes, such as the System Idle Process, services.exe, and svchost.exe, are core OS components, or they coordinate multiple services.
Processes that correlate directly with a native service appear in the Task Manager process list only when you've configured the service and the service is running. So, unless you've installed Win2K Server Tools on a Win2K Professional machine, you won't see dns.exe or wins.exe on the Win2K Pro system. These same native processes will appear on Win2K Server only if you have configured and started the service.
Csrss.exe is the Client-Server Runtime Subsystem. IPSec Can Protect Your LAN Resources. IPSec Packet Filtering. IP Filtering. This article will outline one of the new things in Microsoft's Windows XP and 2000 that is very usefull to people using file sharing on the Internet: Blocking connections from hosts outside your local network! Windows XP (or 2000) contains a full fledged, although somewhat non-obvious firewall layer you can use to block or enable arbitrary ports. You need to look at the settings for IPSec and Kerberos: In the Administrative Tools menu you will find an item called the 'Local Security Policy'.
Windows XP (or 2000) firewalling/IPSec settings are evaluated so that the most specific rule will match. This means that in order to allow access to a port from a specific address range we must also make a rule to disable traffic to that port from ANY address. We're going to add a ruleset here to block traffic on netbios ports from the outside world to demonstrate how this works. Hardening Win2000. File Protection. By Cæsar Last updated: 7/28/2000 In its quest to make Windows less susceptible to the kinds of problems brought about by overzealous deleters--you know, the folks who like to clean up their hard drive by deleting stuff they know little about--Microsoft implemented a technology in Windows 2000 to monitor "crucial" system files, and replace them as necessary. This technology is varyingly called Windows File Protection (WFP), System File Protection (SFP), and System File Checker (SFC).
Not even Microsoft is consistent, once you look at the registry settings! In theory, it's a beautiful thing. How does it work? WFP runs in the background and monitors your system for changes. The file is stored locally in %SYSTEMROOT\system32\dllcache, and is hence just copied over. On Windows 2000 Professional, the DllCache is usually around 50MB. Why would anyone want to disable it?
For the most part, we view WFP as a good thing. The world made it this far without WFP, so it's not absolutely necessary.