[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [lists] [Full-Disclosure] Terminal Server vulnerabilities

To: "'Daniel Sichel'" <daniels@xxxxxxxxxxxxxxxx>, <full-disclosure@xxxxxxxxxxxxxxxx>
Subject: RE: [lists] [Full-Disclosure] Terminal Server vulnerabilities
From: "Curt Purdy" <purdy@xxxxxxxxxx>
Date: Tue, 25 Jan 2005 14:38:30 -0600

Daniel Sichel wrote:
<snip>
> Naturally  I 
> don't like this answer because of horror stories I have heard 
> about Terminal server. They claim there are no unfixed 
> vulnerabilities to Terminal Server on Windows Server 2000 
> Service Pack 4. 

The problem with terminal server is not any vulnerablities that can be
exploited, but the fact that administrator can be bruteforced (6 attempts
followed by reconnect) and that it is screaming its existence on port 3889.
If you use it, definitely change the port in the registry.

Curt Purdy CISSP, GSEC, CNE, MCSE+I, CCDA 
Information Security Engineer 
DP Solutions 

-----------------------------

If you spend more on coffee than on IT security, you will be hacked.
What's more, you deserve to be hacked.
-- former White House cybersecurity czar Richard Clarke

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [lists] [Full-Disclosure] Terminal Server vulnerabilities
  - From: Steve Tornio
- Re: [lists] [Full-Disclosure] Terminal Server vulnerabilities
  - From: Jonathan Rickman

References:
- [Full-Disclosure] Terminal Server vulnerabilities
  - From: Daniel Sichel

Prev by Date: Re: [Full-Disclosure] SMTP Spam Attempt?
Next by Date: Re: [Full-Disclosure] hushmail.com, is this true?
Previous by thread: [Full-Disclosure] Terminal Server vulnerabilities
Next by thread: Re: [lists] [Full-Disclosure] Terminal Server vulnerabilities
Index(es):
- Date
- Thread