RE: Re: Remote connections

From: Adam Vaxvick (avaxvick_at_sunwaptasolutions.com)
Date: 10/19/04

  • Next message: Conlan Adams: "RE: Re: Remote connections" 
    Date: Tue, 19 Oct 2004 10:04:39 -0600
To: "John Fleming" <jfleming@creativeventuresofboca.com>, "Laura Robinson" <larobins@verizon.net>, "GuidoZ" <uberguidoz@gmail.com>, <focus-ms@securityfocus.com>

    With remote desktop web connection you only connect to a website that
    then installs the RDP activeX control and runs it in your browser, the
    actual RDP connection still takes place over port 3389 and is not
    tunneled through HTTP or SSL.

    The feature you speak of is supposedly coming in Windows Server 2003
    Release 2 which will allow RDP connections to be tunneled through SSL.
    Which yes, would greatly increase security.

    -----Original Message-----
    From: John Fleming [mailto:jfleming@creativeventuresofboca.com]
    Sent: Monday, October 18, 2004 9:04 PM
    To: 'Laura Robinson'; 'GuidoZ'; focus-ms@securityfocus.com
    Cc: bugtraq@planetcobalt.net; paviles@adjoined.com
    Subject: RE: Re: Remote connections

    Aside from creating a VPN tunnel and then performing a Remote Desktop
    session, the only other secure way that I was taught, but never tested
    was through SSL.

    Aparently there is a Remote Desktop Web Connection feature that can be
    installed with IIS 6.0. This can act as a gateway to 2000 and 2003
    Server Terminal Services and XP and 2003 server Remote Desktop machines.
    You communicate through HTTP port 80 or SSL 443. Terminal Services Web
    Connection is installed on the web server to a Virtual Directory called
    TSWEB. It is supposed to act as a gateway between the client and
    terminal server. Like I said, I have never tried it, but would love to
    hear some input on it if anyone has.

    Regards,

    John

    -----Original Message-----
    From: Laura Robinson [mailto:larobins@verizon.net]
    Sent: Saturday, October 16, 2004 5:34 PM
    To: GuidoZ; focus-ms@securityfocus.com
    Cc: bugtraq@planetcobalt.net; paviles@adjoined.com
    Subject: Re: Re: Remote connections

    > > Why not? I don't know of any current exploit for RDP set to high
    > > encryption, and even if there were any, connections may very well be

    > > shielded by encrypted tunnels.
    >
    > I'm not aware of any currently either, but as their track record
    > proves, that's meaningless.

    RDP has been around and used for *years*. Just because Microsoft makes
    something doesn't inherently mean that it is broken and requiring of a
    knee-jerk bigoted approach to it.

    > > RDP can be tunneled thru SSH as well and has much better performance

    > > than VNC (don't know about Radmin).
    >
    > This may very well be true. I'm not up to par as much as I'd like on
    > RDP, although I'm quite well learned on VNC and such. TightVNC has
    > some of the best compression I've ever seen on a remote control app,
    > I've used TightVNC through Dial-up many a times without delay or a
    > problem. I'd love to see RDP perform the same feat.

    Um, it does. I've done it many, many times. And RAdmin is garbage as far
    as what it does to the machine on which it's running unless you remember
    to crank down its refresh rate to a near-nonexistent level.
    >
    > But I digress. Again, I very well could be wrong about RDP. I've
    > always leaned towards other remote control programs due to problems
    > that usually arises with proprietary programs. (I've been using a form

    > of WinVNC since before RDP was even thought of.)

    Don't be too sure- do you know where RDP came from? With that said, I
    think it's time for you to take a look at it before making what you
    admit are biased statements about it. Never comment on something you've
    not used is usually a good approach, I find.

     

    ------------------------------------------------------------------------ 

    ---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
------------------------------------------------------------------------
---
---------------------------------------------------------------------------
---------------------------------------------------------------------------
  • Next message: Conlan Adams: "RE: Re: Remote connections"

    Relevant Pages

    • Re: 404 when trying to connect via Remote Desktop Web Connection
      ... Any network that blocks TCP Port 3389 outbound or inbound will break Remote ... Desktop and Remote Desktop Web connection. ... The problem is with attempting to connect using the Remote Desktop Web ...
      (microsoft.public.windowsxp.work_remotely)
    • Vista Remote Desktop disconnects after about 20 minutes
      ... The RDP ... the remote desktop connection disconnects. ... the login screen, then when I try to login - the screen starts the login ...
      (microsoft.public.windows.vista.networking_sharing)
    • Re: Connecting from the NET to your CPU
      ... Troubleshooting Remote Desktop Connection ... Set up this computer to use Remote Desktop ... Install Remote Desktop Web Connection ... Connect to another computer using Remote Desktop Web ...
      (microsoft.public.windowsxp.accessibility)
    • Re: Remote Desktop Connection
      ... I have already checked that the "remote desktop" was enabled, ... the server. ... This is the terminal services or RDP port. ... I'm trying to establish a Remote Desktop Connection to my SBS 2003 ...
      (microsoft.public.windows.server.sbs)
    • Re: Remote Desktop Web Connection with Windows XP
      ... I have managed to set-up the Remote Desktop Web Connection and forward the ... You will also need to forward/open TCP Port 80 and TCP Port 3389 (Remote Desktop). ...
      (microsoft.public.windowsxp.work_remotely)