May 24, 2021 at 9:02 pm
In our environment we have two servers on two separate domains (one is in DMZ, other in internal network) and we need them to be able to use distributed transactions. The transactions would be initiated from the server on the internal network via linked server. The server on the DMZ would only be able to allow inbound transactions. It seems that the only way to do this is to configure the MSDTC with "no authentication required" , in addition to opening firewalls and modifying the net bios host file to create DNS entries on both servers. What are the security implications/risks if any of using the "no authentication required" transaction mode? Does this open up our internal network to potential attacks/vulnerabilities?
May 25, 2021 at 5:21 pm
From the Microsoft documentation:
When this option is enabled, network communication between DTC services can fall back to non-authenticated communication or to non-encrypted communication if a secure communication channel cannot be established.
link:
https://docs.microsoft.com/en-us/troubleshoot/windows/win32/new-functionality-in-msdtc-service
It basically means that any distributed transactions are vulnerable to MITM attacks as well as 3rd parties hammering your DTC server with requests as no authentication is required.
The above is all just my opinion on what you should do.
As with all advice you find on a random internet forum - you shouldn't blindly follow it. Always test on a test server to see if there is negative side effects before making changes to live!
I recommend you NEVER run "random code" you found online on any system you care about UNLESS you understand and can verify the code OR you don't care if the code trashes your system.
Viewing 2 posts - 1 through 1 (of 1 total)
You must be logged in to reply to this topic. Login to reply