Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email email@example.com
Re: [lists] [Full-Disclosure] Terminal Server vulnerabilities
From: Jonathan Rickman (jrickmangmail.com)
Date: Wed Jan 26 2005 - 10:50:42 CST
On Tue, 25 Jan 2005 14:38:30 -0600, Curt Purdy <purdytecman.com> wrote:
> The problem with terminal server is not any vulnerablities that can be
> exploited, but the fact that administrator can be bruteforced (6 attempts
> followed by reconnect) and that it is screaming its existence on port 3889.
> If you use it, definitely change the port in the registry.
You can use the local security policy to prevent administrators from
logging in via terminal services and then enable "run as" for
administrative tasks...which should be done anyway. Changing the port
number is another good step though.
Full-Disclosure - We believe in it.