Re: (prevent + detect Arp spoofing) + Securing Terminal Services

From: Deus, Attonbitus (Thor_at_HammerofGod.com)
Date: 05/08/03

    Date: Thu, 08 May 2003 14:29:00 -0700
    To: "Dan Rowe" <suedes098@yahoo.com>, <focus-ms@securityfocus.com>
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

    At 01:02 PM 5/8/2003, Dan Rowe wrote:

    > I heard about the man-in-the-middle exploit that has been found for
    > terminal services, and have learned that using ssl with terminal services
    > can avoid this exploit, but in my case, I am unable to use ssl.

    The post to BT about using SSL and the TSAC web client was actually
    incorrect. Launching the ActiveX control via SSL is only secure for the
    control download - once the control is instantiated in memory, it directly
    connects to the tserver from the client - the SSL session no longer
    applies.

    A good bet is certificate-based VPN or IPSEC between the hosts. And you
    can use IPSec to firewall off the IP/Ports to/from the addresses you
    want. You might also play with the new Basic Firewall option in RRAS on
    Win2k3.

    hth

    t

    -----BEGIN PGP SIGNATURE-----
    Version: PGP 8.0

    iQA/AwUBPrrMIohsmyD15h5gEQIH1QCfb0/a2F6fTZr+ymgXezcb2j9E97MAoMWP
    6cZ/0k/9YWRbz2JF8pkfWGDl
    =eqib
    -----END PGP SIGNATURE-----
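
The IPSec approach suggested in the reply above, sketched for a Windows Server 2003 terminal server with `netsh ipsec static`. This is an added example, not part of the original message; the admin address (192.0.2.10), the root CA name and the policy, filter list and rule names are placeholders chosen for illustration.

```bat
@echo off
rem Added example: limit Terminal Services (TCP 3389) to one IPsec-authenticated peer.
rem Placeholder values (assumptions, replace with your own):
set "ADMIN_IP=192.0.2.10"
set "ROOT_CA=CN=Example Root CA, O=Example, C=US"
set "POLICY=TS-Lockdown"

rem Create the policy without the default response rule.
netsh ipsec static add policy name="%POLICY%" description="Restrict RDP to IPsec peers" activatedefaultrule=no

rem Filter list 1: any host -> this server, TCP 3389.
netsh ipsec static add filterlist name="RDP-Any"
netsh ipsec static add filter filterlist="RDP-Any" srcaddr=any dstaddr=me protocol=TCP srcport=0 dstport=3389 mirrored=yes

rem Filter list 2: the admin workstation -> this server, TCP 3389.
rem The more specific filter takes precedence over "RDP-Any".
netsh ipsec static add filterlist name="RDP-Admin"
netsh ipsec static add filter filterlist="RDP-Admin" srcaddr=%ADMIN_IP% dstaddr=me protocol=TCP srcport=0 dstport=3389 mirrored=yes

rem Actions: drop outright, or require ESP with no cleartext fallback.
netsh ipsec static add filteraction name="Block" action=block
netsh ipsec static add filteraction name="Require-ESP" action=negotiate inpass=no soft=no qmsecmethods="ESP[3DES,SHA1]"

rem Rules: block RDP from everyone, negotiate certificate-authenticated IPsec with the admin host.
netsh ipsec static add rule name="Block-RDP" policy="%POLICY%" filterlist="RDP-Any" filteraction="Block"
netsh ipsec static add rule name="Admin-RDP" policy="%POLICY%" filterlist="RDP-Admin" filteraction="Require-ESP" rootca="%ROOT_CA%"

rem Assign the policy and print it for review.
netsh ipsec static set policy name="%POLICY%" assign=y
netsh ipsec static show policy name="%POLICY%" level=verbose
```

The admin workstation needs a matching negotiate rule and a certificate issued under the same root CA. Assign the policy from the console rather than over an RDP session, since the block rule takes effect immediately.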
