RE: remote desktop question

["Stacy Olivas" <olivas () digiflux org>]

Yes it does, but, like anything else, adding an extra layer of security
doesn't hurt too much.

Besides, I'm sure a lot of people on this list may argue as to whether or
not the encryption used in these
products is really secure, or if they are just there as "marketing hype".
(How many exploits/compromises have there
been as a result of these "services"?)

The question boils down to:  How much security is right for you?  And do you
value your systems/data?

Here are some interesting links on the issue:
http://online.securityfocus.com/archive/1/292127
http://www.secunia.com/advisories/7118/

and finally:

http://support.microsoft.com/default.aspx?scid=KB;en-us;324380&;




-----Original Message-----
From: ekluegel () web de [mailto:ekluegel () web de]
Sent: Thursday, January 02, 2003 7:58 PM
To: security-basics () securityfocus com
Cc: Stacy Olivas; scottslists () barringtonlibrary org
Subject: Re: remote desktop question


Am Donnerstag, 2. Januar 2003 19:33 schrieb Stacy Olivas:
The rdp 4/5 (Microsoft) and ICA (Citrix) protocol are encryptet by design.

See an overview about ICA and RDP:

http://www.microsoft.com/windows2000/server/evaluation/features/rdp.asp


> Whenever I use Terminal Services (a.k.a Remote Desktop) I establish an ssh
> session and use the port forwarding feature
> to tunnel the ts session thru.
>
>
> -----Original Message-----
> From: scott [mailto:scottslists () barringtonlibrary org]
> Sent: Thursday, January 02, 2003 5:38 PM
> To: security-basics () securityfocus com
> Subject: remote desktop question
>
>
> hi,
>
> this might be a stupid question but, is there any encryption used with
> remote desktop.  also, if there is not is there any products (free or low
> cost) that i can use to protect my remote desktop connections, such as
vpn,
> and what is the best way to set it up?
>
> thanks
>
> Scott

--
CU Elmar