Home page logo
/

basics logo Security Basics mailing list archives

RE: RDP Encryption Level (was RE: RDP sniffing)
From: "Anich, Ryan L." <RAnich () smdc org>
Date: Mon, 31 Dec 2007 12:04:25 -0600

I think this might be found useful for some.... 

Go here and search for RDP

http://thelazyadmin.com

This shows how to set up SSL and self signed certs.

Identifying encryption level might be tricky from an RDP session request
unless they are on a higher level which would then require you to be set
the same otherwise it will disconnect you.  

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of Rui Pereira (WCG)
Sent: Monday, December 31, 2007 11:09 AM
To: security-basics () securityfocus com
Subject: RDP Encryption Level (was RE: RDP sniffing)

While we're talking RDP, does anyone know how to identify the encryption
level in use, remotely? 

Thank You
Rui
 

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com]
On Behalf Of MaddHatter
Sent: December 28, 2007 5:28 PM
To: security-basics () securityfocus com
Subject: Re: RDP sniffing

Windows RDP is encrypted. ...

I forgot to mention that RDP is vulnerable to a man-in-the-middle
attack. (That is, if you're not using certificates, which as I mentioned
I haven't looked into at all.)


No virus found in this incoming message.
Checked by AVG Free Edition. 
Version: 7.5.516 / Virus Database: 269.17.12/1203 - Release Date:
30/12/2007
11:27 AM
 

No virus found in this outgoing message.
Checked by AVG Free Edition. 
Version: 7.5.516 / Virus Database: 269.17.12/1203 - Release Date:
30/12/2007
11:27 AM
 



This e-mail communication and any attachments may contain confidential and privileged information for the use of the 
designated recipients named above. If you are not the intended recipient, you are hereby notified that you have 
received this communication in error and that any review, disclosure, dissemination, distribution or copying of it or 
its contents is prohibited. As required by federal and state laws, you need to hold this information as privileged and 
confidential. If you have received this communication in error, please notify the sender and destroy all copies of this 
communication and any attachments. 




  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault