Article ID: 826382 - View products that this article applies to.
Important This article contains information about modifying the registry. Before you modify the registry, make sure to back it up and make sure that you understand how to restore the registry if a problem occurs. For information about how to back up, restore, and edit the registry, click the following article number to view the article in the Microsoft Knowledge Base:
(http://support.microsoft.com/kb/256986/ )Description of the Microsoft Windows Registry
Windows Server 2003 provides support for implementing the remote procedure call (RPC) protocol over HTTP, known as "RPC over HTTP." By default, RPC over HTTP support is not installed when you install Windows Server 2003, but you can enable it by using Add/Remove Programs.
To determine if you have support for RPC over HTTP enabled on servers running Windows Server 2003, follow these steps:
DCOM is a protocol that can be used on top of the RPC protocol by client / server applications. By default, a server running Windows Server that is configured to support RPC over HTTP will also accept DCOM requests using this protocol. These DCOM requests are then sent to a local port on the server implementing RPC over HTTP (TCP port 593).
Security best practices recommend disabling or removing all nonessential components and services.
If DCOM support is not required on your RPC over HTTP servers, you can remove DCOM support by modifying the registry. To use RPC over HTTP to remove DCOM support, follow these steps:WARNING: If you use Registry Editor incorrectly, you may cause serious problems that may require you to reinstall your operating system. Microsoft cannot guarantee that you can solve problems that result from using Registry Editor incorrectly. Use Registry Editor at your own risk.
When you use RPC over HTTP to remove DCOM support, you can help mitigate the vulnerabilities that are addressed in security bulletin MS03-026 for servers that expose RPC services over HTTP ports 80,443.
For more information about securing RPC over HTTP, visit the following Microsoft Web site:http://msdn2.microsoft.com/en-us/library/aa378642.aspx
Article ID: 826382 - Last Review: September 5, 2007 - Revision: 1.6