Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

Security risk of enabling MSDTC

MSDTC is disabled by default (windows 2003 - onwards) and I want to have it enabled for an application I'm developing that requires distributed transactions from .Net C#.

I don't believe there are any security issues with enabling it, but does SO know of any security issues with enabling the DTC?

Cheers

Ollie

like image 554
AwkwardCoder Avatar asked Nov 05 '22 19:11

AwkwardCoder


1 Answers

As long as the machine is fully patched you should be reasonably safe. AFAIK there may have been some patches in the past for vulnerabilities related to this (but then there is for all components in the OS).

If it is listening on an external port then you may want to lock down the hosts which can connect to it. This would give you a level of protection if some sort of worm on compromise is discovered the in future. It is generally not the sort of thing you want to expose on internet-facing machines.

like image 166
Brian Lyttle Avatar answered Nov 09 '22 23:11

Brian Lyttle