Security Basics mailing list archives

A different question RE: Windows Remote Desktop


From: "David Gillett" <gillettdavid () fhda edu>
Date: Thu, 15 Jan 2004 16:36:56 -0800

  We don't allow RDP to/from off-site locations, but we've
been using it to allow a couple of folks to, from their
office desktops, connect to strategically placed servers
to sniff specific network segments.
  This worked fine from sometime in September until the
Christmas/New Year's break, during which we had a scheduled
power shutdown.  Everything came back on after the shutdown,
and most boxes involved have been rebooted individually
since.
  But although sniffing still works fine from the server
console, RDP clients get a general-purpose error message 
that seems to indicate that they don't have the necessary
permissions, or there's some other kind of problem, with
the adapter that connects to the sniffed segment.

  Since sniffing from the console works, we know it's not an
adapter or port configuration issue, or a switch port issue.
Since several privileged accounts, including Administrator,
*can* sniff from the console but not from an RDP session,
we're convinced it's not an account privileges issue.
  And since it worked before the power shut-down, we know
it can be made to work.

  Has anyone who works more extensively with RDP seen anything
similar?  Or have you a useful theory that might help explain
what we're seeing?

Dave Gillett


