MSDTC is disabled by default (windows 2003 - onwards) and I want to have it enabled for an application I'm developing that requires distributed transactions from .Net C#.
I don't believe there are any security issues with enabling it, but does SO know of any security issues with enabling the DTC?
Cheers
Ollie
As long as the machine is fully patched you should be reasonably safe. AFAIK there may have been some patches in the past for vulnerabilities related to this (but then there is for all components in the OS).
If it is listening on an external port then you may want to lock down the hosts which can connect to it. This would give you a level of protection if some sort of worm on compromise is discovered the in future. It is generally not the sort of thing you want to expose on internet-facing machines.
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With