Is there anonymous access to Windows named pipes in Automation Point?
Article ID: 118553
Updated On:
Products
Automation Point
Issue/Introduction
The Security Operations group has announced that they are making Active Directory changes in the near future to help secure our environment.
These are two of the items they are changing:
1. Disabling basic authentication for Windows Remote Management (WinRM). WinRM is a Windows feature that allows administrators to remotely run management scripts. It supports several methods of authentication with basic being the least secure. Less secure authentication could leave the bank vulnerable to unauthorized access.
2. Restricting anonymous access to named pipes (which provide communication between processes on the same computer and between processes from different computers across the network) to prevent unauthorized activity.
There has been seen pipes on the system with AXC in the name, making you think that CA-AP is using pipes, but it's not know if these are used for anonymous access to a named pipe. This information comes from opening a PowerShell window and typing "get-childitem \\.\pipe\".
These are two of the items they are changing:
1. Disabling basic authentication for Windows Remote Management (WinRM). WinRM is a Windows feature that allows administrators to remotely run management scripts. It supports several methods of authentication with basic being the least secure. Less secure authentication could leave the bank vulnerable to unauthorized access.
2. Restricting anonymous access to named pipes (which provide communication between processes on the same computer and between processes from different computers across the network) to prevent unauthorized activity.
There has been seen pipes on the system with AXC in the name, making you think that CA-AP is using pipes, but it's not know if these are used for anonymous access to a named pipe. This information comes from opening a PowerShell window and typing "get-childitem \\.\pipe\".
Environment
Release:
Component: ATMXC
Component: ATMXC
Resolution
The answer to these 2 changes is :
For the first change, CA Automation Point is not using the Windows Remote Management.
For the second change, CA Automation Point never required any special access to anonymous named pipes. All our test system already have the “Restrict anonymous access to Named Pipes and Shares” setting enabled by default and we never experienced any issues. So if you refer to this setting, CA AP isn’t affected by this setting at all.
For the first change, CA Automation Point is not using the Windows Remote Management.
For the second change, CA Automation Point never required any special access to anonymous named pipes. All our test system already have the “Restrict anonymous access to Named Pipes and Shares” setting enabled by default and we never experienced any issues. So if you refer to this setting, CA AP isn’t affected by this setting at all.
Feedback
Yes
No
Powered by
