Re: TS/3389 risk on Internet

From: Lennart Sorth (Lennart.Sorth@uni-c.dk)
Date: Fri Oct 29 2004 - 02:53:19 EDT

• Next message: Burnett, Robert: "Frontpage files"
• Previous message: Randy Golly: "RE: An idiot question"
• In reply to: net sec: "TS/3389 risk on Internet"
• Next in thread: Adam Jones: "Re: TS/3389 risk on Internet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

net sec wrote:
> Does anyone know if the login/password
> is sent in clear text for TS authentication?

Well, its certainly sent unencrypted, if not clear text.

You can install Cygwin on the DC, and tunnel tcp-3389 through
a SSH connection. This way the security is provided by, and
can be maintained by means of the Cygwin SSH implementation.

And if you use ssh compression, it is usually even faster
than doing the TS directly.

Best regards

Lennart Sorth
UNI-C
Denmark

• Next message: Burnett, Robert: "Frontpage files"
• Previous message: Randy Golly: "RE: An idiot question"
• In reply to: net sec: "TS/3389 risk on Internet"
• Next in thread: Adam Jones: "Re: TS/3389 risk on Internet"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:07 EDT