Re: Remote Desktop/Term. Serv information leakage

From: Joachim Schipper (j.schipper_at_math.uu.nl)
Date: 07/02/05

    Date: Sat, 2 Jul 2005 03:03:08 +0200
    To: pen-test@securityfocus.com
    
    

    On Fri, Jul 01, 2005 at 01:25:54PM -0500, Terry Vernon wrote:
    > Write a daemon to run on the windows box that won't allow renaming the
    > file extensions of .txt to anything else. Do it for every type of file
    > you can paste text in. Set up better controls for traffic going to the
    > remote desktop so only trusted people can access it. If you could access
    > it from outside the private net and your computer had internet access
    > then that network is accessible from the internet just not directly. It
    > would take some doing but if a network has one wire going to any number
    > of other networks that have one wire that touches the internet you can
    > bet that it is crackable however improbable it seems.
    >
    > Terry Vernon
    > CTO
    > Sprite Technologies

    Preventing renaming of .txt is not very useful, as notepad will gladly
    save it as whatever you please, including .exe. And if notepad, by some
    leap of logic on MS' part, lost this ability since I last used Windows,
    there are literally hundreds of other tools that won't complain. In the
    worst case, just use DOS' edit, which has a lot fewer compunctions about
    'proper' file types.

    Copying binary files across the clipboard may or may not work; in the
    worst case, compile yourself a Win32 exploit and do a manual
    byte-by-byte copy using your hex editor of choice.

    Copying stuff from the secured network is still remarkably easy; in the
    worst case, open a document, take a snapshot of your (remote) desktop,
    and repeat until bored. Then compress the images and mail them off.

    I wholly agree with you on the 'indirectly connected' comment, though.
    With the addition that properly secured machines *aren't* crackable. Or
    at least, not easily.

    I'm still not sure what the original poster is trying to guard against,
    though...

                    Joachim

