In our eyes the biggest design flaw is that there is no authentication prior
to the windows authentication. PCs in a locked office are more secure than
a Terminal Server out on the public internet... because you need a key to
get into the office.
-----Original Message-----
From: Mordechai T. Abzug [mailto:morty_at_frakir.org]
Sent: Friday, November 21, 2003 12:48 AM
To: firewall-wizards_at_nfr.com
Subject: [fw-wiz] RDP and security
Anyone have any strong opinions on the security of RDP (Microsoft's
terminal server/remote desktop protocol)? Poking around on the net, I
see that they've had at least one design flaw that supposedly hasn't
been fixed (ie. server identification.) Any other design problems?
Thanks!
- Morty
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Jan 06 2004
Intro
