Bugtraq mailing list archives
Re: Citrix ICA Basic Encryption
From: weld () L0PHT COM (Weld Pond)
Date: Tue, 28 Mar 2000 17:35:31 -0500
On Wed, 29 Mar 2000, Dug Song wrote:
Citrix offers a secure alternative called SecureICA, which uses Diffie-Hellman for key exchange and RC5 to encrypt the underlying transport (now at 128-bit strength worldwide). While this is certainly better than the simple XOR scheme outlined above, it may still be vulnerable to an active man-in-the-middle attack. Caveat user.
SecureICA is only available for Windows and DOS clients. Unix, Macintosh, and Java clients must use the insecure protocol. Due to the nature of the protocol it cannot be tunnelled through ssh. A VPN is probably the only solution for Unix, Macintosh and Java clients. -weld
Current thread:
- Re: Esafe Protect Gateway (CVP) does not scan virus under some, (continued)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Alon Rotem (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Hugo.van.der.Kooij () CAIW NL (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Eric Chien (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Jason Brvenik (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Lea, Michael (Mar 24)
- Security Problems with Linux 2.2.x IP Masquerading H D Moore (Mar 27)
- Follow-Up: Security Problems with Linux 2.2.x IP Masquerading H D Moore (Mar 28)
- privacy problems with HTTP cache-control Martin Pool (Mar 28)
- Objectserver vulnerability Howard M. Kash III (Mar 29)
- Citrix ICA Basic Encryption Dug Song (Mar 29)
- Re: Citrix ICA Basic Encryption Weld Pond (Mar 28)
- Re: Citrix ICA Basic Encryption Chris Knight (Mar 29)
- Security Problems with Linux 2.2.x IP Masquerading H D Moore (Mar 27)
- Re: Security Problems with Linux 2.2.x IP Masquerading Olaf Kirch (Mar 30)
- Remote DoS Attack in Windows 2000/NT 4.0 TCP/IP Print Request Server Vulnerability Ussr Labs (Mar 30)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Alon Rotem (Mar 24)
- Re: Esafe Protect Gateway (CVP) does not scan virus under some Ian Turner (Mar 27)