Full Disclosure mailing list archives
RE: [lists] Terminal Server vulnerabilities
From: "ALD, Aditya, Aditya Lalit Deshmukh" <aditya.deshmukh () online gateway expertworks net>
Date: Fri, 28 Jan 2005 01:06:53 +0530
It's also only possible when you've got NetBIOS/CIFS open to the Internet,
Yes I know... That is why I said security thru obscurity
With this argumentation, you could sell your firewalls.
No I would not I would use an ids with properly tuned sigs for the terminal server abd then connect the terminal server via a proxy like vnc running something over freebsd or linux. I would never allow a windows terminal server to be directly be connected to the net... -aditya ________________________________________________________________________ Delivered using the Free Personal Edition of Mailtraq (www.mailtraq.com) _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Terminal Server vulnerabilities Daniel Sichel (Jan 24)
- RE: [lists] Terminal Server vulnerabilities Curt Purdy (Jan 25)
- Re: [lists] Terminal Server vulnerabilities Steve Tornio (Jan 25)
- RE: [lists] Terminal Server vulnerabilities ALD, Aditya, Aditya Lalit Deshmukh (Jan 27)
- Re: [lists] Terminal Server vulnerabilities Jan Muenther (Jan 27)
- RE: [lists] Terminal Server vulnerabilities ALD, Aditya, Aditya Lalit Deshmukh (Jan 27)
- Re: [lists] Terminal Server vulnerabilities Jan Muenther (Jan 27)
- Re: [lists] Terminal Server vulnerabilities Steve Tornio (Jan 25)
- RE: [lists] Terminal Server vulnerabilities Curt Purdy (Jan 25)
- Re: Terminal Server vulnerabilities Valdis . Kletnieks (Jan 27)
- <Possible follow-ups>
- Re: Terminal Server vulnerabilities Daniel H. Renner (Jan 24)
- RE: Re: Terminal Server vulnerabilities Larry Seltzer (Jan 25)
- Re: Terminal Server vulnerabilities offtopic (Jan 25)
- RE: Re: Terminal Server vulnerabilities Mark Senior (Jan 25)
- RE: Re: Terminal Server vulnerabilities Larry Seltzer (Jan 25)
- Re: Re: Terminal Server vulnerabilities Valdis . Kletnieks (Jan 25)
- RE: Re: Terminal Server vulnerabilities Larry Seltzer (Jan 25)