Named pipes: Difference between revisions
Jump to navigation
Jump to search
(Created page with " A named pipe is a Windows specific interprocess communication method that allows processes on the same or different systems to communicate with each other. This setting allow...") (change visibility) |
No edit summary (change visibility) |
||
Line 4: | Line 4: | ||
* https://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Network-access-Named-Pipes-that-can-be-accessed-anonymously | * https://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Network-access-Named-Pipes-that-can-be-accessed-anonymously | ||
* http://www.hsc.fr/ressources/articles/win_net_srv/hardcoded_named_pipes.html | * http://www.hsc.fr/ressources/articles/win_net_srv/hardcoded_named_pipes.html | ||
* http://blueteamer.blogspot.be/2015/03/adventures-with-null-sessions-are-they.html | |||
Revision as of 15:00, 23 December 2016
A named pipe is a Windows specific interprocess communication method that allows processes on the same or different systems to communicate with each other. This setting allows you to define exceptions to the "Network Access: Restrict anonymous access to Named Pipes and Shares" setting below. Pipes listed in this setting can still be accessed anonymously (aka Null Session) even if "Network Access: Restrict anonymous access to Named Pipes and Shares" is enabled. This setting is necessary since there are a few components of Windows with name pipes that must allow anonymous access in order to function.
- https://blogs.msdn.microsoft.com/spatdsg/2006/05/15/fyi-changes-to-null-session-pipes-post-2k3-sp1/
- https://www.ultimatewindowssecurity.com/wiki/WindowsSecuritySettings/Network-access-Named-Pipes-that-can-be-accessed-anonymously
- http://www.hsc.fr/ressources/articles/win_net_srv/hardcoded_named_pipes.html
- http://blueteamer.blogspot.be/2015/03/adventures-with-null-sessions-are-they.html
services making legit use of unauthenticated named pipes
- Windows DFS -> netlogon
- Seen trendmicro services
- https://support.symantec.com/en_US/article.TECH123400.html