Full Disclosure mailing list archives

Re: [lists] Terminal Server vulnerabilities

From: Jonathan Rickman <jrickman () gmail com>
Date: Wed, 26 Jan 2005 11:50:42 -0500

On Tue, 25 Jan 2005 14:38:30 -0600, Curt Purdy <purdy () tecman com> wrote:

The problem with terminal server is not any vulnerablities that can be
exploited, but the fact that administrator can be bruteforced (6 attempts
followed by reconnect) and that it is screaming its existence on port 3889.
If you use it, definitely change the port in the registry.


You can use the local security policy to prevent administrators from
logging in via terminal services and then enable "run as" for
administrative tasks...which should be done anyway. Changing the port
number is another good step though.

--
Jonathan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

Terminal Server vulnerabilities Daniel Sichel (Jan 24)
- RE: [lists] Terminal Server vulnerabilities Curt Purdy (Jan 25)
  - Re: [lists] Terminal Server vulnerabilities Steve Tornio (Jan 25)
    - RE: [lists] Terminal Server vulnerabilities ALD, Aditya, Aditya Lalit Deshmukh (Jan 27)
    - Re: [lists] Terminal Server vulnerabilities Jan Muenther (Jan 27)
    - RE: [lists] Terminal Server vulnerabilities ALD, Aditya, Aditya Lalit Deshmukh (Jan 27)
    - Re: [lists] Terminal Server vulnerabilities Jan Muenther (Jan 27)
  - Re: [lists] Terminal Server vulnerabilities Jonathan Rickman (Jan 26)
- Re: Terminal Server vulnerabilities Nicolas RUFF (lists) (Jan 27)
  - Re: Terminal Server vulnerabilities Valdis . Kletnieks (Jan 27)
- <Possible follow-ups>
- Re: Terminal Server vulnerabilities Daniel H. Renner (Jan 24)
  - RE: Re: Terminal Server vulnerabilities Larry Seltzer (Jan 25)
  - Re: Terminal Server vulnerabilities offtopic (Jan 25)
- RE: Re: Terminal Server vulnerabilities Mark Senior (Jan 25)
  - RE: Re: Terminal Server vulnerabilities Larry Seltzer (Jan 25)
    - Re: Re: Terminal Server vulnerabilities Valdis . Kletnieks (Jan 25)
- Re: Terminal Server vulnerabilities larry_seltzer_is_a_fraud (Jan 26)
- RE: Re: Terminal Server vulnerabilities Bob the Builder (Jan 26)

(Thread continues...)