nn Writing applications to communicate via FTP took time and were I/O expensive. nn Distributions of the client application were a nightmare. Any time changes needed to be done on the client, the effort would have to be replicated on the server and setup diskettes would need to be made all over again. Consequently,  this  method  experienced  severe  shortcomings,  as  the server application was limited to parsing the application for which it was written. Another downfall of the FTP method was that you had to read and write to a file. I/O operations are expensive, so to perform this task on a laboriously busy server could spell performance problems, potentially generating its own brute-force denial-of-service attack against itself if it became too busy handling I/O-intensive client requests. The final problem with the FTP method was that the response time from the server was often not real time. The fact that the application had to per- form I/O processing, and that it often scheduled a task or service running intermittently to look for available files within a specific folder, made the real-time performance slower than the TCP method. The writing was on the wall: The world was in dire need of a new proto- col, one that is TCP compliant, is standard across all platforms, and over- comes  the  problems  associated  with  historical  ways  of  communicating with remote applications. Furthermore, a language was needed to transport data from application to application. It no longer made sense to write string parsers that were tied to specific applications that would need to be rewritten to accommo- date each new applications data structure. As a result, the technical world has changed. The efforts to continually improve efficiency and decrease complexity have introduced a latecomer to the protocol kingdom, an appellation celebrated by the acronym SOAP. Its fortitude relies completely on the well-known XML standard. DCOM Remote  Procedure  Calls  (RPC)  are  intended  to  allow  individuals  to  run processes on distributed systems. The primary downfalls of RPC are secu- rity  and  configuration.  The  following  attacks  might  be  possible  when allowing distributed RPC communication: nn Port mapping nn Spoofing 10 Chapter 1