Security Basics mailing list archives

RDP Encryption Level (was RE: RDP sniffing)

From: "Rui Pereira (WCG)" <wavefront1 () shaw ca>
Date: Mon, 31 Dec 2007 09:09:06 -0800

While we're talking RDP, does anyone know how to identify the encryption
level in use, remotely? 

Thank You
Rui
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On
Behalf Of MaddHatter
Sent: December 28, 2007 5:28 PM
To: security-basics () securityfocus com
Subject: Re: RDP sniffing

Windows RDP is encrypted. ...


I forgot to mention that RDP is vulnerable to a man-in-the-middle
attack. (That is, if you're not using certificates, which as I mentioned
I haven't looked into at all.)


No virus found in this incoming message.
Checked by AVG Free Edition. 
Version: 7.5.516 / Virus Database: 269.17.12/1203 - Release Date: 30/12/2007
11:27 AM
 

No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.516 / Virus Database: 269.17.12/1203 - Release Date: 30/12/2007
11:27 AM

Current thread:

RDP sniffing Fran Lopez (Dec 26)
- Re: RDP sniffing Stewart Gray (Dec 27)
  - Re: RDP sniffing Nobody Special (Dec 27)
  - Re: RDP sniffing MaddHatter (Dec 28)
    - Re: RDP sniffing MaddHatter (Dec 31)
    - RDP Encryption Level (was RE: RDP sniffing) Rui Pereira (WCG) (Dec 31)
    - RE: RDP Encryption Level (was RE: RDP sniffing) Anich, Ryan L. (Dec 31)
- Message not available
  - Re: RDP sniffing Fran Lopez (Dec 27)
- RDP sniffing Fran Lopez (Dec 27)
- RE: RDP sniffing Ian Smith (Dec 28)
  - RE: RDP sniffing Lenny Hansson (Dec 31)
- <Possible follow-ups>
- Re: Re: RDP sniffing kurt . kessler (Dec 28)
- Re: RDP sniffing krymson (Dec 28)
  - RE: RDP sniffing Timmothy Lester (Dec 28)
- RE: RDP sniffing krymson (Dec 31)