RE: RDP and security

[TSimons () Delphi-Tech com]

In our eyes the biggest design flaw is that there is no authentication prior
to the windows authentication.  PCs in a locked office are more secure than
a Terminal Server out on the public internet... because you need a key to
get into the office.

-----Original Message-----
From: Mordechai T. Abzug [mailto:morty () frakir org]
Sent: Friday, November 21, 2003 12:48 AM
To: firewall-wizards () nfr com
Subject: [fw-wiz] RDP and security



Anyone have any strong opinions on the security of RDP (Microsoft's
terminal server/remote desktop protocol)?  Poking around on the net, I
see that they've had at least one design flaw that supposedly hasn't
been fixed (ie. server identification.)  Any other design problems?

Thanks!

- Morty
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards