Remote Desktop/Term. Serv information leakage

From: kuffya@gmail.com
Date: Fri Jul 01 2005 - 10:41:45 EDT

Next message: Aaron J. Bedra: "Re: Keystroke logging"
Previous message: Pete Herzog: "Re: Skill set ?"
Next in thread: Joachim Schipper: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Joachim Schipper: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Eric Smith: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Kyle Maxwell: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Terry Vernon: "Re: Remote Desktop/Term. Serv information leakage"
Maybe reply: Andre Protas: "RE: Remote Desktop/Term. Serv information leakage"
Reply: Paul Fields: "RE: Remote Desktop/Term. Serv information leakage"
Reply: Thor (Hammer of God): "Re: Remote Desktop/Term. Serv information leakage"
Maybe reply: Ha, Jason: "RE: Remote Desktop/Term. Serv information leakage"
Maybe reply: Salvador.Manaois@infineon.com: "RE: Remote Desktop/Term. Serv information leakage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

('binary' encoding is not supported, stored as-is) Hi list,
One of our recent clients has a seperate 'isolated' network where they keep sensitive material. This network is not connected to the internet, is not physically accessible and you can only connect to it using remote desktop. They asked us to test if the isolated network was adequately protected.
Here's what I discovered: When you start a Rem Desktop session from the main network to the isolated one you can actually copy and paste stuff across...this is only true for text not for complete files, and seems to be by design. What is more worrisome is that you can even copy across executables doing simple tricks such as
1)download an executable
2)change extension to .txt
3) copy (the text version) across to a notepad.
4)change it back to .exe
So literally we have a significant leakage over here, introducing threats to the isolated network.
I am posting this to ask your opinion on how this could be mitigated......I think that Remote Desktop is not possible to configure securely since it's not designed as such...and hence it transfers across anything it receives , be it mouse movements or copied & pasted text...
So I was trying to think what would be the best solution, without spending a fortune on a 'secure' commercial solution, that is. Maybe something like SSH tunneling then Rem. Desktop or VNC or what?
And do you think this 'bug' is something investigating any further? Is it something you people knew of?

Thanks a lot.

Next message: Aaron J. Bedra: "Re: Keystroke logging"
Previous message: Pete Herzog: "Re: Skill set ?"
Next in thread: Joachim Schipper: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Joachim Schipper: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Eric Smith: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Kyle Maxwell: "Re: Remote Desktop/Term. Serv information leakage"
Reply: Terry Vernon: "Re: Remote Desktop/Term. Serv information leakage"
Maybe reply: Andre Protas: "RE: Remote Desktop/Term. Serv information leakage"
Reply: Paul Fields: "RE: Remote Desktop/Term. Serv information leakage"
Reply: Thor (Hammer of God): "Re: Remote Desktop/Term. Serv information leakage"
Maybe reply: Ha, Jason: "RE: Remote Desktop/Term. Serv information leakage"
Maybe reply: Salvador.Manaois@infineon.com: "RE: Remote Desktop/Term. Serv information leakage"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.7 : Sat Apr 12 2008 - 10:54:30 EDT