mailing list archives
RE: RDP sniffing
From: "Timmothy Lester" <Timmothy.Lester () primeadvisors com>
Date: Fri, 28 Dec 2007 10:19:38 -0800
Okay people, go a little deeper: http://eprint.iacr.org/2007/419.pdf
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of krymson () gmail com
Sent: Thursday, December 27, 2007 5:19 PM
To: security-basics () securityfocus com
Subject: Re: RDP sniffing
I spent about an hour searching, but surprisingly have come up with very
little. Over the years, MS must have done a decent job making sure RDP
sessions are not only encrypted, but the session keys exchanged
Still, I was able to find this hardware solution. While it might not
impact any risk assessment in regards to your normal attackers sniffing
the network, it might indicate that this is still possible somehow.
If I couldn't get the client wrapped into ipsec or some other VPN, I
could live with an RDP-only connection from client to the server in
question. That's my own risk assessment, though, without any knowledge
on how valuable or important your connection is... There are certainly
worse ways to achieve remote connections.
<- snip ->
Is possible sniffing RDP in a switched LAN?
Is possible capturing passwords?
Is possible "saving a video" about the user tasks?
Thanks in advance.
Message not available
RDP sniffing Fran Lopez (Dec 27)
RE: RDP sniffing Ian Smith (Dec 28)
Re: Re: RDP sniffing kurt . kessler (Dec 28)
Re: RDP sniffing krymson (Dec 28)
- Re: RDP sniffing, (continued)
RE: RDP sniffing krymson (Dec 31)
- RE: RDP sniffing Timmothy Lester (Dec 28)