Penetration Testing mailing list archives
RE: TS/3389 risk on Internet
From: <sk3tch () sk3tch net>
Date: Mon, 1 Nov 2004 17:08:15 -0600
Lennert Sorth:
Well, it's certainly sent unencrypted, if not clear text.
False, false, false! Please educate yourself before posting.

Windows 2000: http://www.microsoft.com/windows2000/techinfo/howitworks/terminal/rdpfandp.asp
Default configuration is 56-bit, you can set this to 128-bit.

Windows XP: http://www.microsoft.com/windowsxp/using/mobility/default.mspx
Default configuration is 128-bit

Windows Server 2003: http://www.microsoft.com/windowsserver2003/technologies/terminalservices/default.mspx
Default configuration is 128-bit, and there is FIPS-encryption level available (for even more security)

The encryption level can be configured on the server.
From the RDP-Tcp Properties on Windows 2000 Advanced Server:
"Encryption level: Medium
All data sent between the client and the server is protected by encryption based on the server's standard key strength"

That is the default setting!