Windows 2008 Issue with SCCM, WSUS and AD Role

  • Question

  • Hi all,


    Please help. Thanks.


    Issue 1 - DNS Query ID Field Prediction Cache Poisoning in SCCM Windows 2008 server


    This is a problem which was identified by the auditor during the internal IT audit for the SCCM Windows 2008.

    We studied the related MS08-037 document but cannot confirm what action is the solution for Windows 2008. Please help us find the solution to this problem. Thanks.

    Affected Host: SCCM_Server (10.0.0.1)
    Affected Ports:  domain (53/udp)

    Description:

    The remote DNS resolver does not use random ports when making queries to third party DNS servers.

    This problem might be exploited by an attacker to poison the remote DNS server more easily, and therefore divert legitimate traffic to arbitrary sites.

    Solution:

    Apply the patch according to http://www.microsoft.com/technet/security/bulletin/ms08-037.mspx.

    Issue 2 – Loophole for SCCM in Windows 2008 server with AD role.

    This is a problem which was identified by the auditor during the internal IT audit.

    Please help us find out how to disable NULL BINDs in LDAP. Thanks.

    SCCM_Server (10.0.0.1)
    ldap (389/tcp)

    Description:

    The LDAP server on the remote host is currently configured such that a user can connect to it without authentication - via a 'NULL BIND'.  This may result in disclosure of information that an attacker could find useful.

    Solution:
    Configure the LDAP server so that it does not allow NULL BINDs.

    Description:

    Improperly configured LDAP servers will allow the directory BASE to be set to NULL. This allows information to be culled without any prior knowledge of the directory structure. Coupled with a NULL BIND, an anonymous user can query your LDAP server using a tool such as 'LdapMiner'.

    Solution:
    Disable NULL BASE queries on your LDAP server.

    Issue 3 – Microsoft Report Viewer 2008 Redistributable Required for WSUS 3.0 SP2 update in Windows 2008 server

    Microsoft Report Viewer 2005 is installed as a WSUS 3.0 requirement. We tried to update to WSUS 3.0 SP2, but the installation wizard gives a warning that “Microsoft Report Viewer 2008 Redistributable is required”. Is there any issue with uninstalling Report Viewer 2005 and installing Report Viewer 2008? Please advise.

    Best regards,
    Kenhk
    November 30, 2009, 06:52 AM
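
A way to confirm or re-test the Issue 1 finding from the defender's side, as an added example that is not part of the original thread: the script reads a text capture of the resolver's outbound queries and reports whether the UDP source port and the DNS query ID are fixed, sequential or varied. The capture lines, upstream addresses and function names are constructed for illustration.

```python
import re

# Constructed tcpdump-style lines (not from the thread): traffic of the audited
# resolver 10.0.0.1 with hypothetical upstream servers.
CAPTURE_FIXED = """\
12:00:01.100 IP 10.0.0.1.1053 > 192.0.2.53.53: 4101+ A? example.com. (29)
12:00:01.120 IP 192.0.2.53.53 > 10.0.0.1.1053: 4101 1/0/0 A 203.0.113.10 (45)
12:00:01.350 IP 10.0.0.1.1053 > 192.0.2.53.53: 4102+ A? example.net. (29)
12:00:02.010 IP 10.0.0.1.1053 > 198.51.100.7.53: 4103+ A? example.org. (29)
12:00:02.400 IP 10.0.0.1.1053 > 192.0.2.53.53: 4104+ MX? example.com. (29)
"""
CAPTURE_VARIED = """\
12:05:01.100 IP 10.0.0.1.50312 > 192.0.2.53.53: 18233+ A? example.com. (29)
12:05:01.350 IP 10.0.0.1.61877 > 192.0.2.53.53: 60412+ A? example.net. (29)
12:05:02.010 IP 10.0.0.1.49377 > 198.51.100.7.53: 2977+ A? example.org. (29)
12:05:02.400 IP 10.0.0.1.57002 > 192.0.2.53.53: 41150+ MX? example.com. (29)
"""

# source IP, source port, then a destination on port 53, then the query ID
LINE = re.compile(r"IP (\S+)\.(\d+) > \S+\.53: (\d+)[+ ]")

def parse(capture, resolver):
    """Return (source_ports, query_ids) for queries sent by `resolver`."""
    ports, ids = [], []
    for m in LINE.finditer(capture):
        if m.group(1) == resolver:      # replies to the resolver never match
            ports.append(int(m.group(2)))
            ids.append(int(m.group(3)))
    return ports, ids

def classify(values):
    """'fixed' = one value, 'sequential' = small forward steps, else 'varied'.
    'varied' only means no such pattern was seen; it is not proof of randomness."""
    if len(set(values)) == 1:
        return "fixed"
    deltas = [(b - a) % 65536 for a, b in zip(values, values[1:])]
    return "sequential" if all(0 < d <= 16 for d in deltas) else "varied"

def assess(capture, resolver="10.0.0.1"):
    ports, ids = parse(capture, resolver)
    if len(ports) < 4:
        raise ValueError("need at least 4 outbound queries to judge")
    return {"queries": len(ports), "distinct_ports": len(set(ports)),
            "source_port": classify(ports), "query_id": classify(ids)}

if __name__ == "__main__":
    print("before:", assess(CAPTURE_FIXED))
    print("after: ", assess(CAPTURE_VARIED))
```

A result of `fixed` or `sequential` for the source port corresponds to the condition the audit describes; a larger capture gives a more reliable answer than the four-query samples used here.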

Answer

  • Dear Customer,

    Based on my research, this issue is related to SCCM. I recommend you contact for more dedicated assistance. I believe that you will get detailed and informative suggestions there.

     

    Management Server Forum:

    http://social.microsoft.com/Forums/zh-HK/managementserverzhcht/threads


    Thank you for your understanding.

    Sincerely,
    Tom Zhang


    Tom Zhang – MSFT
    December 4, 2009, 02:06 AM
    Moderator