Re: (prevent + detect Arp spoofing) + Securing Terminal Services

From: Deus, Attonbitus (Thor_at_HammerofGod.com)
Date: 05/08/03

  • Next message: Pidgorny, Slav: "RE: IPSEC through Ms ISA Server"
    Date: Thu, 08 May 2003 14:29:00 -0700
    To: "Dan Rowe" <suedes098@yahoo.com>, <focus-ms@securityfocus.com>
    
    


    At 01:02 PM 5/8/2003, Dan Rowe wrote:

    > I heard about the man-in-the-middle exploit that has been found for
    > terminal services, and have learned that using SSL with terminal
    > services can avoid this exploit, but in my case, I am unable to use SSL.

    The post to BT about using SSL and the TSAC web client was actually
    incorrect. Launching the ActiveX control via SSL is only secure for the
    control download - once the control is instantiated in memory, it directly
    connects to the tserver from the client - the SSL session no longer
    applies.

    A good bet is certificate-based VPN or IPSEC between the hosts. And you
    can use IPSec to firewall off the IP/Ports to/from the addresses you
    want. You might also play with the new Basic Firewall option in RRAS on
    Win2k3.

    hth

    t

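
The IPSec approach suggested in the reply above, sketched as an added example (not part of the original message) for a Windows Server 2003 terminal server using `netsh ipsec static`. The workstation address 192.0.2.10, the CA name, and all policy, filter list and rule names are assumptions; TCP 3389 is the default Terminal Services port.

```batch
@echo off
rem Added example, run on the terminal server (Windows Server 2003).
rem Assumed values: ADMIN address, the rootca DN, and every name below.
set "ADMIN=192.0.2.10"

netsh ipsec static add policy name="TS-Lockdown" description="IPsec-only access to Terminal Services"

rem Filter list 1: the single peer allowed to reach TCP 3389 on this host.
netsh ipsec static add filterlist name="TS-From-Admin"
netsh ipsec static add filter filterlist="TS-From-Admin" srcaddr=%ADMIN% dstaddr=Me protocol=TCP srcport=0 dstport=3389 mirrored=yes

rem Filter list 2: every other source talking to the same port.
netsh ipsec static add filterlist name="TS-From-Any"
netsh ipsec static add filter filterlist="TS-From-Any" srcaddr=Any dstaddr=Me protocol=TCP srcport=0 dstport=3389 mirrored=yes

rem Action 1: negotiate ESP. inpass=no and soft=no refuse any fallback to
rem cleartext, so a man-in-the-middle cannot downgrade the session.
rem 3DES/SHA1 is what the Server 2003 IPsec stack offers.
netsh ipsec static add filteraction name="TS-Require-ESP" action=negotiate inpass=no soft=no qmsecmethods="ESP[3DES,SHA1]"

rem Action 2: drop the traffic outright.
netsh ipsec static add filteraction name="TS-Block" action=block

rem Rule for the allowed peer: certificate authentication only (no Kerberos,
rem no preshared key). The peer must hold a certificate chaining to this CA.
netsh ipsec static add rule name="TS-Admin-ESP" policy="TS-Lockdown" filterlist="TS-From-Admin" filteraction="TS-Require-ESP" kerberos=no rootca="C=US,O=Example,CN=Example Root CA"

rem Rule for everyone else. Windows IPsec applies the most specific matching
rem filter, so the single-address filter above wins over this Any filter.
netsh ipsec static add rule name="TS-Block-Rest" policy="TS-Lockdown" filterlist="TS-From-Any" filteraction="TS-Block"

rem Nothing is enforced until the policy is assigned.
netsh ipsec static set policy name="TS-Lockdown" assign=yes

rem Review what was built.
netsh ipsec static show policy name="TS-Lockdown" level=verbose
```

The workstation needs a matching policy (same ESP methods and CA, filter from Me to the server on TCP 3389) or the negotiation will fail and the connection will be dropped rather than sent in the clear.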
