Re: (prevent + detect Arp spoofing) + Securing Terminal Services

From: Deus, Attonbitus <Thor(at)HammerofGod.com>
Date: Thu May 08 2003 - 17:29:00 EDT

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

At 01:02 PM 5/8/2003, Dan Rowe wrote:

> I heard about the man-in-the-middle exploit that has been found

The post to BT about using SSL and the TSAC web client was actually incorrect. Launching the activeX control via SSL is only secure for the
control download- once the control in instantiated in memory, it directly
connects to the tserver from the client - the SSL session no longer applies.

A good bet is certificate based VPN or IPSEC between the hosts. And you
can use IPSec to firewall off the IP/Ports to/from the addresses you want. You might also play with the new Basic Firewall option in RRAS on
Win2k3.

hth

t

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.0

iQA/AwUBPrrMIohsmyD15h5gEQIH1QCfb0/a2F6fTZr+ymgXezcb2j9E97MAoMWP 6cZ/0k/9YWRbz2JF8pkfWGDl
=eqib
-----END PGP SIGNATURE-----

---

FastTrain has your solution for a great CISSP Boot Camp. The industry`s most recognized corporate security certification track, provides a comprehensive prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization of pertinent security tools. For a limited time you can enter for a chance to win one of the latest technological innovations, the SEGWAY HT. Log onto http://www.securityfocus.com/FastTrain-focus-ms

---

Received on Thu May 8 18:02:48 2003