|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Re: [lists] [Full-Disclosure] Terminal Server vulnerabilities
From: Jonathan Rickman (jrickman
gmail.com)
Date: Wed Jan 26 2005 - 10:50:42 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
On Tue, 25 Jan 2005 14:38:30 -0600, Curt Purdy <purdytecman.com> wrote:
> The problem with terminal server is not any vulnerablities that can be
> exploited, but the fact that administrator can be bruteforced (6 attempts
> followed by reconnect) and that it is screaming its existence on port 3889.
> If you use it, definitely change the port in the registry.
You can use the local security policy to prevent administrators from
logging in via terminal services and then enable "run as" for
administrative tasks...which should be done anyway. Changing the port
number is another good step though.
--
Jonathan
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]