karna
Reputation: 21
How to resolve Vulnerable Named Pipes security issues in attach surface analyzer report?
I have generated attack-surface-analysis-report. and got one security issue related Vulnerable Named Pipes. and decription was "The ACL on pipe SafeNet-SentinelPIPE-3420-5088 allows tampering by multiple non-administrator accounts."
I have checked in my code for named pipes. I doesn't used any named pipes in my application still i'm getting this security issue on attach surface analyzer report. I have checkedin services and windows, whether I'm using any named pipes-Safenet or SentinelPipe.
Upvotes: -1
Views: 902
Answers (1)
karna
Reputation: 21
When you get security issue like "Vulnerable Named Pipes".
- First check in code you're using any named pipes, if yes add access perssions to that
- If not, check in control panel for safenet or Sentinel.
- Uninstall the Sentinel from programs and run again attack-surface-analysis.
- This time you dont see any security issues related sentinel.
Upvotes: 0
Related Questions
- How to set PipeSecurity of NamedPipeServerStream in .NET Core
- Why can't the profiler attach?
- Setting named pipe security in a Domain
- How to turn off Named Pipe security?
- Prevent the use of ImpersonateNamedPipeClient()
- Low integrity to medium/high integrity pipe security descriptor
- How do I change security for an existing named pipe?
- Protect BIRT's report
- CreateNamedPipe without PIPE_REJECT_REMOTE_CLIENTS
- How do you create Windows security descriptors in managed code?