Security Basics mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Terminal Services over VPN

From: "Peter Van Eeckhoutte" <peter.ve () pandora be>
Date: Fri, 15 Aug 2003 13:48:02 +0200
Terminal Services in itself is not secure. The encryption algoritm may be
weak, people have discovered a DoS & Mitm vulnerability;
and tsgrinder allow people to brute force Terminal Service users...

Running TS over VPN is the recommended way;  it runs fine (and fast
enough... the only traffic consists of screen information; no real data)
A normal TS session requires about 18k to run fast  (I know Citrix is
faster, but it is more expensice too)

Hope this helps

----- Original Message ----- 
From: "David Y. Ng" <dng () cmhsweb org>
To: <security-basics () securityfocus com>
Sent: Thursday, August 14, 2003 9:42 PM
Subject: Terminal Services over VPN



Has anyone used Terminal Services over Microsoft's VPN
server? I need to run some program off the server and when I
used just the VPN, it was terribly slow. The solution on paper
is to run the program off Terminal Services and just let it
pass through the VPN which could be faster, supposedly.

Any experiences with this? Is Terminal Services in itself
secure? I read there's some form of encryption also but
is it comparable to VPN in a way?


--------------------------------------------------------------------------

-

--------------------------------------------------------------------------

--









---------------------------------------------------------------------------
----------------------------------------------------------------------------
Previous By Date Next
Previous By Thread Next

Current thread: