Bugtraq mailing list archives
RE: Microsoft Terminal Services vulnerable to MITM-attacks.
From: "Ziots, Edward" <EZiots () Lifespan org>
Date: Wed, 9 Feb 2011 16:24:00 -0500
If someone 0wns your pipe between you and the Terminal Server(s) then you got bigger problems then the existing MITM attack. Whether the attack sets it up via ARP spoofing, or other trickery. If you are really worried about this, encrypt your communications via IPSEC. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:eziots () lifespan org Cell:401-639-3505 -----Original Message----- From: Ansgar Wiechers [mailto:bugtraq () planetcobalt net] Sent: Wednesday, February 09, 2011 7:46 AM To: bugtraq () securityfocus com Subject: Re: Microsoft Terminal Services vulnerable to MITM-attacks. On 2011-02-08 sam.vaughey () gmail com wrote:
Does this issue still exist ?
Depends on the configuration. Unless configured to require network level authentication, RDP is still prone to MitM attacks AFAIK. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
Current thread:
- Re: Microsoft Terminal Services vulnerable to MITM-attacks. sam . vaughey (Feb 08)
- Re: Microsoft Terminal Services vulnerable to MITM-attacks. Ansgar Wiechers (Feb 09)
- RE: Microsoft Terminal Services vulnerable to MITM-attacks. Ziots, Edward (Feb 10)
- RE: Microsoft Terminal Services vulnerable to MITM-attacks. Jim Harrison (Feb 09)
- Re: Microsoft Terminal Services vulnerable to MITM-attacks. Ansgar Wiechers (Feb 09)