Re: TS/3389 risk on Internet

["Travis Potter" <Travis () secureintegrations com>]

I can speak for at least RDP Client 5x and up for windows, and Yes it is
encrypted at 128 bits as of windows 2000 sp1
----- Original Message -----
From: "net sec" <netsec9 () hotmail com>
To: <pen-test () securityfocus com>
Sent: Tuesday, October 26, 2004 2:18 PM
Subject: TS/3389 risk on Internet


> I have a peer that insists on allowing public access to his Domain
> controller via TS/tcp 3389 over the internet.  I know there are some
> documented cases of 'man-in-the-middle' attacks for this service but I was
> hoping someone here could help me plead my case as to why this is a bad
> idea.  Maybe you all disagree and regurlary allow this traffic.  It just
> doesn't sit well with me.  Does anyone know if the login/password is sent
in
> clear text for TS authentication?
>
> Thanks in advance for any thoughts,
> Nicole
>
> _________________________________________________________________
> On the road to retirement? Check out MSN Life Events for advice on how to
> get there! http://lifeevents.msn.com/category.aspx?cid=Retirement
>
>
> --------------------------------------------------------------------------
----
> Internet Security Systems. - Keeping You Ahead of the Threat
>
> When business losses are measured in seconds, Internet threats must be
stopped before they impact your network. To learn how Internet Security
Systems keeps organizations ahead of the threat with preemptive intrusion
prevention, download the new whitepaper, Defining the Rules of Preemptive
Protection, and end your reliance on reactive security technology.
> http://www.securityfocus.com/sponsor/ISS_pen-test_041001
> --------------------------------------------------------------------------
-----
>