Re: Microsoft Terminal Services vulnerable to MITM-attacks.

From: Henrik Storner (henrik-bb@hswn.dk)
Date: 04/04/03

  • Next message: Pavel shpac: "buffalo AirStation G54 - (WBR-G54 ) DoS"
    To: bugtraq@securityfocus.com
    From: Henrik Storner <henrik-bb@hswn.dk>
    Date: Fri, 4 Apr 2003 05:32:39 +0000 (UTC)
    
    

    In <1049409543.15153.6.camel@devinlinux.netilla.com> Devin Heitmueller
    <dheitmueller@netilla.com> writes:

    >On Wed, 2003-04-02 at 19:09, Larry Seltzer wrote:
    >> >>RDP is vulnerable to Man In The Middle attacks
    >>
    >> Do you know if ICA (Citrix products) is also vulnerable?
    >
    >The ICA Protocol is also vulnerable. They use Diffe-Hellman for key
    >agreement. But there is no PKI in the protocol to verify the identity
    >of the server.

    AFAIK, Citrix' recommendation if you want to guard against this
    type of attack is to use their Citrix Secure Gateway software,
    which tunnels the ICA protocol data inside an SSL connection.
    This uses the normal SSL certificate handshake to verify the
    identity of the server.

    Henrik Storner


  • Next message: Pavel shpac: "buffalo AirStation G54 - (WBR-G54 ) DoS"

    Relevant Pages

    • Re: Citrix
      ... Is therea tool available to access the Citrix ... Citrix traffic is always transmitted in ICA protocol. ... CMC ... farm itself and permissions are gained from within the Datastore for the farm. ...
      (Pen-Test)
    • Re: Cant Mount Mailbox Store or Publick Folder Store
      ... My citrix is working now using ICA Client but after I tried to restart my Mail Server. ... "Mukesh" wrote: ... Either there are network problems or the Microsoft Exchange Server computer is down for maintenance. ...
      (microsoft.public.exchange.admin)
    • Re: How does Citrix run it faster? was Re: Microfocus COBOL 3.2.43 (16bit)
      ... over 25 sites) runs on Citrix served up from servers here in Austin. ... have moved a lot of stuff to zLinux, and in the process would up writing ... When Word loads for the ... doing anything else but managing the screen, while the server is pretty much ...
      (comp.lang.cobol)
    • Re: Long and quite bizzare network problem
      ... Is Admin3 the master browser on the network? ... setting on all computers except for the main server (which should be online ... > the remote location are using Citrix over a nailed T1.Main and Citrix ...
      (microsoft.public.win2000.networking)
    • RE: Windows Remote Desktop
      ... SSL/HTTPS then use the Citrix ICA encryption on top of that, ... Citrix can be more secure then RDP. ... change the server information and harder for it to connect to a 'wrong' ... >We provide Ethical Hacking, Advanced Ethical Hacking, Intrusion ...
      (Security-Basics)