User Profile

thesquirrel1130

Copper Contributor

Joined Dec 28, 2022

13 Posts3 LikesLikes received

View All Badges

User Widgets

Recent Discussions

Re: RPC Endpoint Mapper Client Authentication uses NTLM
We are finally killing NTLM! Our issue was "Enable RPC endpoint mapper client authentication" (Enabled) and "Restrict unauthenticated RPC clients" (Enabled - Authenticated). To protect the RPC ports we have implemented, for several years, IPSEC in the windows firewall to require it on TCP 135 incoming. We will soon be requiring it on the dynamic ports which will also be limited to a known range of 150 ports. This protects those ports from Nessus scans (if you don't put the Nessus scanner's IP in a full allow rule). This way we can still protect RPC by having IPSEC authentication and blocking all outbound NTLM. NTLM is still allowed inbound for our RDP gateway until we get our remote clients to use the built-in KDC proxy on the gateway.
May 08, 2024 Place Microsoft Security
1.8KViews
0likes
0Comments
Re: Allow domain-based exclusion for "Always download PDF files" behaviour
Kelly_Y I 2nd this request. We have some websites that expect and require Edge to open the PDF natively. However, we would like it to open the system PDF viewer in all other cases. What is the status of this request? -Eli
Mar 07, 2024 Place Enterprise
2.8KViews
0likes
0Comments

Recent Blog Articles

No content to show