Hardening recommendations (4/4)

Using the named pipe firewall available in XP SP2 and W2K3 SP1
- Named pipe filtering can be dynamically enabled by setting the PipeFirewallActive registry value to 1 (not present by default)
- Named pipe filtering applies to all SMB sessions (NULL sessions and authenticated sessions)
- List of allowed named pipes specified in the AllowedPipes registry value (REG_MULTI_SZ)
- Setting PipeFirewallActive to 1 and AllowedPipes to "" (empty string) is the equivalent of removing the IPC$ share

Using the named pipe firewall available in XP SP2 and W2K3 SP1