Named-pipes puzzle solved for admins

But there are times that's not necessarily a good thing—for instance, if you inherit someone else's server, and you don't know which services might be opening named pipes, which could constitute an attack vector. If you don't know about the existence of a named pipe that anyone can connect to, or don't know what the available permissions are on a named pipe, it can be difficult to find out.

Programmer Craig Peacock has written a utility to get to the bottom of the named-pipe puzzle: Pipesec, also known as the Win32 Pipe Security Viewer. When run on any version of 32-bit Windows, it will return a list of available pipes—even on a desktop Windows XP system, there are quite a few!—and can be used to examine and change the security information, permissions, ownership and auditing for any pipe.

The program's basic mode consists

Digg This!     StumbleUpon     Del.icio.us

RELATED CONTENT Windows Server Monitoring and Management Simple tools and techniques for finding Windows memory leaks Top Windows server hardening standards and guidelines Hyper-V gains new resiliency features with Windows Server 2008 R2 Troubleshooting Windows print spooler crashes Windows server hardening: How much is enough? Terminal Services grows up with Windows Server 2008 R2 Top five Server Core management tips for Windows 2008 Windows Server 2008 R2: Not your father's R2 upgrade The bottom line on Microsoft Hyper-V Does Microsoft Hyper-V fit in the dynamic data center?

RELATED RESOURCES 2020software.com, trial software downloads for accounting software, ERP software, CRM software and business software systems Search Bitpipe.com for the latest white papers and business webcasts Whatis.com, the online computer dictionary

of a simple dump of the local pipe list, which you can obtain by running the program without any switches. If you want to bring up the access control list for a given pipe, type pipesec \\.\pipe\, where is the actual pipe name. If you use the syntax pipesec \\.\pipe, you'll get the default pipe security descriptor.

To examine or edit the ACL for a pipe on another computer, use pipesec \\\pipe\, where is the remote address of a computer (either an Internet address or a NetBIOS address). Note: You won't be able to talk to a computer's remote pipes unless they are allowed to send and receive RPC messages. For instance, if they're behind a firewall, this will generally not work.

About the author: Serdar Yegulalp is editor of the Windows Power Users Newsletter. Check it out for the latest advice and musings on the world of Windows network administrators. He is also the author of the book Windows Server Undocumented Solutions.

More information from SearchWinSystems.com

Rate this Tip To rate tips, you must be a member of SearchWindowsServer.com. Register now to start rating these tips. Log in if you are already a member. Submit a Tip DISCLAIMER: Our Tips Exchange is a forum for you to share technical advice and expertise with your peers and to learn from other enterprise IT professionals. TechTarget provides the infrastructure to facilitate this sharing of information. However, we cannot guarantee the accuracy or validity of the material submitted. You agree that your use of the Ask The Expert services and your reliance on any questions, answers, information or other materials received through this Web site is at your own risk.