RE: [Full-Disclosure] Re: Terminal Server vulnerabilities
From: Bob the Builder (builder173_at_hotmail.com)
To: firstname.lastname@example.org, email@example.com, daniels@Ponderosatel.com
Date: Tue, 25 Jan 2005 10:30:07 +0000
Are any of the vulnerabilities in this google search even vaguely current?
They all seem to be at least a couple of years old; I don't recall anything
recent. Posting NT 4 and pre-Win2k SP3 issues hardly contradicts the MS
statement that there are no current issues. The main security issue with
Terminal Services that I see is its susceptibility to brute force password
attacks. If you are really really paranoid about running Terminal Services
then tunnel it over either SSH or IPSec. I would point out that there have
been root compromises in SSH fairly recently too!
Also, as a usability aside, make sure you set session timeouts or you risk
finding yourself accidentally locked out of the box if you have too many
dodgy disconnected sessions. I usually set active:1day, inactive:1hr,
disconnected:10mins. That way if the box is monkeying about or people leave
sessions open you can still get in - useful if the box is too far away to go
to the console.
From: Daniel H. Renner [mailto:firstname.lastname@example.org]
Sent: 25 January 2005 07:19
Subject: [Full-Disclosure] Re: Terminal Server vulnerabilities
>Date: Mon, 24 Jan 2005 15:52:55 -0800
>From: "Daniel Sichel" <daniels@Ponderosatel.com>
>They claim there are no unfixed vulnerabilities to Terminal Server on
>Windows Server 2000 Service Pack 4.
>I find that hard to believe and I know you guys will know if they are full
>of it, or they are correct. Please let me know ASAP of any CURRENT
>vulnerabilities in Terminal Server.
Try here for starters:
Full-Disclosure - We believe in it.