Penetration Testing mailing list archives

RE: TS/3389 risk on Internet


From: <sk3tch () sk3tch net>
Date: Mon, 1 Nov 2004 17:08:15 -0600


Lennert Sorth:
> Well, it's certainly sent unencrypted, if not clear text.

False, false, false!
 
Please educate yourself before posting.
 
Windows 2000:
http://www.microsoft.com/windows2000/techinfo/howitworks/terminal/rdpfandp.asp
 
Default configuration is 56-bit; you can set this to 128-bit.
 
Windows XP:
http://www.microsoft.com/windowsxp/using/mobility/default.mspx
 
Default configuration is 128-bit
 
Windows Server 2003:
http://www.microsoft.com/windowsserver2003/technologies/terminalservices/default.mspx
 
Default configuration is 128-bit, and a FIPS encryption level is
available (for even more security).
 
The encryption level can be configured on the server.
 
From the RDP-Tcp Properties on Windows 2000 Advanced Server:
 
"Encryption level:  Medium
 
All data sent between the client and the server is protected by
encryption based on the server's standard key strength"
 
That is the default setting!
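The post says the encryption level is set on the server but does not show how to check it. The following is an added example, not part of sk3tch's message or of the Microsoft pages he links: a PowerShell script that reads the RDP-Tcp MinEncryptionLevel value from the Terminal Server WinStations registry key, reports whether it meets a chosen minimum (High, i.e. 128-bit, by default), and raises it if not. The function names, the compliance threshold and the treatment of a missing value as non-compliant are this example's own choices; it assumes a Windows host where the script runs with local administrator rights for the write.

```powershell
# Added example (not from the original post): audit and, if needed, raise the
# RDP-Tcp encryption level via the Terminal Server WinStations registry key.
# MinEncryptionLevel values:
#   1 = Low              (only client-to-server traffic is encrypted)
#   2 = Client Compatible (strongest level the client supports)
#   3 = High             (128-bit in both directions)
#   4 = FIPS Compliant
# Assumes local administrator rights for Set-RdpEncryptionLevel.

$RdpTcpKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'
$LevelNames = @{
    1 = 'Low'
    2 = 'Client Compatible'
    3 = 'High'
    4 = 'FIPS Compliant'
}

function Get-RdpEncryptionLevel {
    # Returns the configured MinEncryptionLevel, or 0 if the value is absent
    # (treated as unknown, and therefore non-compliant, in this example).
    $props = Get-ItemProperty -Path $RdpTcpKey -ErrorAction Stop
    if ($null -eq $props.MinEncryptionLevel) { return 0 }
    return [int]$props.MinEncryptionLevel
}

function Test-RdpEncryptionLevel {
    param([ValidateRange(1,4)][int]$Minimum = 3)   # require High unless told otherwise
    $level = Get-RdpEncryptionLevel
    $name  = if ($LevelNames.ContainsKey($level)) { $LevelNames[$level] } else { "Unknown ($level)" }
    # SecurityLayer (0 = RDP, 1 = Negotiate, 2 = TLS) is reported for context on
    # newer hosts; the post's 2000/XP/2003-era servers do not have it.
    $secLayer = (Get-ItemProperty -Path $RdpTcpKey -ErrorAction SilentlyContinue).SecurityLayer
    [pscustomobject]@{
        Level         = $level
        Name          = $name
        SecurityLayer = $secLayer
        Compliant     = ($level -ge $Minimum)
    }
}

function Set-RdpEncryptionLevel {
    param([ValidateRange(1,4)][int]$Level = 3)
    # Takes effect for new connections; sessions already established keep the
    # level they negotiated.
    Set-ItemProperty -Path $RdpTcpKey -Name 'MinEncryptionLevel' -Value $Level -Type DWord
}

$state = Test-RdpEncryptionLevel
Write-Output ("RDP-Tcp encryption level: {0} ({1})" -f $state.Level, $state.Name)
if ($null -ne $state.SecurityLayer) {
    Write-Output ("SecurityLayer: {0}" -f $state.SecurityLayer)
}
if (-not $state.Compliant) {
    Write-Warning 'Encryption level is below High; raising it to 3 (High).'
    Set-RdpEncryptionLevel -Level 3
}
```

The same value can be pushed by Group Policy ("Set client connection encryption level"), in which case the policy key under HKLM\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services overrides what this script writes, so check both on a domain-joined host.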
