Penetration Testing mailing list archives
Re: AW: MS Terminal Services open to the world
From: John the Kiwi <john () johnthekiwi com>
Date: 16 Jan 2003 21:42:00 -0600
You should also look into publishing TS on a port other than 3389. HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\winstations\RDP-TCP Edit the key Port Number to enable the port you wish to connect to. If you change the port to be 45535 just type the following into your favourite TS client:192.168.1.1:45535 Rdesktop supports this from Beta 1.2 - any MS TS client will accept this format. You may also wish to do a search at www.securityfocus.com and search for securely publishing Terminal Servers. There was an excellent article that covered most situations but I've mislaid the link. Options included encrypting the stream from custom port to custom port via zebedee which is a small encryption program. Hope that helps your friend a little John the Kiwi www.johnthekiwi.com On Sat, 2003-01-11 at 08:39, Dominick Baier wrote:
Hi, well the idea isn't _that_ bad at all - you have 128bit encryption - can make use of strong passwords - if all other ports are blocked from the world (esp. 135-139, 445) you have rich auditing - well, the approach is not worse than any other remote mgmt solution - besides SSH..... there are some pen test tools for ts - but the one we are all waiting for -tsgrinder- for brute forcing ts is still pending. check . www.hammerofgod.com greets -----Ursprüngliche Nachricht----- Von: Ralph Los [mailto:RLos () enteredge com] Gesendet: Freitag, 10. Januar 2003 16:09 An: 'Pen-test () securityfocus com' Betreff: MS Terminal Services open to the world Vertraulichkeit: Vertraulich Hello all, I've got a pretty good client of mine who absolutely refuses to heed my warnings about keeping Terminal Services open to the world. They rely on Windows passwords and figure that's strong enough for all their servers (management). Now I'm given the task of auditing their security/infrastructure and would like to come up some creative ways to back up my point about MS TS open to the Internet being a bad idea. Any thoughts or input is appreciated. Ralph ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/ ---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
---------------------------------------------------------------------------- This list is provided by the SecurityFocus Security Intelligence Alert (SIA) Service. For more information on SecurityFocus' SIA service which automatically alerts you to the latest security vulnerabilities please see: https://alerts.securityfocus.com/
Current thread:
- MS Terminal Services open to the world Ralph Los (Jan 10)
- Re: MS Terminal Services open to the world Don Voss (Jan 11)
- AW: MS Terminal Services open to the world Dominick Baier (Jan 12)
- Re: AW: MS Terminal Services open to the world John the Kiwi (Jan 17)
- RE: MS Terminal Services open to the world Curt Purdy (Jan 12)
- <Possible follow-ups>
- RE: MS Terminal Services open to the world Puterbaugh, Mike (Jan 11)
- Re: MS Terminal Services open to the world Robert G. Ferrell (Jan 15)
- Re: MS Terminal Services open to the world Deus, Attonbitus (Jan 21)