Penetration Testing mailing list archives
FW: Securing Citrix
From: "Ross Dawson" <ross () ramraidersoftware com>
Date: Sat, 26 May 2012 00:19:06 +0100
From personal experience I could get around a citrix session by either
using IE or if an application had a help option in the menu fire up this and then browse to where you want to get to through file open the CHM help app can sometimes make life hard. Or if you knew the locations of mmc regedit gpupdate etc knowing the local admin account as well kind of helps. Keep tabs on access control with the security log to see whos doing what. The previous contract I was on hadn't switched on any auditing for who initiated server shutdown. When you are trying to pull out a lengthy report from AD and the server powers off for no reason that's just annoying. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Marco Ivaldi Sent: 23 May 2012 08:59 To: pen-test () securityfocus com Subject: Re: Securing Citrix Adrian, On Wed, 16 May 2012, utf-8?Q? Adri=C3=A1n_Puente_Z. ?= wrote:
Hi everyone! I am looking for a good reference to secure a Citrix server to avoid a user to gain acces to the operating system. So far I have some ideas like restricting the execution of the cmd.exe and (maybe) explorer.exe from with a group policy in the domain. If you know about any document I can look at or have any experience about this that want to share I will be very thankful. Thanks in advance.
Which Citrix products are you interested in? Citrix solutions are quite powerful and complex, therefore understanding and securing them is not an easy task. Here are some resources about securely deploying Citrix XenApp, Citrix XenServer, and Citrix Access Gateway: http://books.google.it/books?id=1k8ykeHLCp0C&lpg=PA476&ots=ZGj2TEpEPj&dq=sec uring%20citrix%20xenapp%20cmd.exe&hl=it&pg=PP1#v=onepage&q&f=false http://www.citrix.com/lang/English/lp/lp_2317289.asp http://support.citrix.com/servlet/KbServlet/download/20639-102-665890/user_s ecurity-1.0-5.5.0-en_gb.pdf http://support.citrix.com/servlet/KbServlet/download/28-102-664972/Best%20Pr actices%20for%20Securing%20Citrix%20Secure%20Gateway%20Deployment.pdf And here are some links that help mapping Citrix attack surface (and consequently finding and fixing potential security holes): http://www.vulnerabilityassessment.co.uk/Citrix.html (including links) http://www.vulnerabilityassessment.co.uk/citrix_tools.zip http://ikat.ha.cked.net/ (iKAT, interactive Kiosk Attack Tool) Cheers, -- ------------------------------------------------------------------ Marco Ivaldi OPSA, OPST, OWSE, QSA, ASV Senior Security Advisor @ Mediaservice.net Srl Tel: +39-011-32.72.100 Via Santorelli, 15 Fax: +39-011-32.46.497 10095 Grugliasco (TO) - ITALY http://www.mediaservice.net/ ------------------------------------------------------------------ PGP Key - https://keys.mediaservice.net/m_ivaldi.asc ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: Information Assurance Certification Review Board Prove to peers and potential employers without a doubt that you can actually do a proper penetration test. IACRB CPT and CEPT certs require a full practical examination in order to become certified. http://www.iacertification.org ------------------------------------------------------------------------
Current thread:
- Securing Citrix Adrián Puente Z. (May 16)
- <Possible follow-ups>
- Re: Securing Citrix Marco Ivaldi (May 24)
- FW: Securing Citrix Ross Dawson (May 29)
- Message not available
- Re: Securing Citrix Paul Craig (May 29)