Network Security: Detailed info on Re: RDP sniffing

Ethical Hacking

Learn to find vulnerabilities before the bad guys do! Gain real world hands on hacking experience in our state of the art hacking lab. Course designed and taught by expert instructors with years of penetration testing experience. 12 student maximum in every class. Certification attempt included in every package.

Computer Forensics Training at InfoSec Institute

Gain the in-demand skills of a certified computer examiner, learn to recover trace data left behind by fraud, theft, and cybercrime perpetrators. Discover the source of computer crime and abuse at your organization so that it never happens again. All of our class sizes are guaranteed to be 12 students or less to facilitate one-on-one interaction with one of our expert instructors.

Network Security Security-Basics

[Top] [All Lists]

Re: RDP sniffing

from [krymson] Network Security

[Permanent Link]

Subject:	Re: RDP sniffing
Date:	27 Dec 2007 22:19:16 -0000

I spent about an hour searching, but surprisingly have come up with very 
little. Over the years, MS must have done a decent job making sure RDP sessions 
are not only encrypted, but the session keys exchanged securely. 

Still, I was able to find this hardware solution. While it might not impact any 
risk assessment in regards to your normal attackers sniffing the network, it 
might indicate that this is still possible somehow.

http://www.bmst.net/tech.htm#rdp

If I couldn't get the client wrapped into ipsec or some other VPN, I could live 
with an RDP-only connection from client to the server in question. That's my 
own risk assessment, though, without any knowledge on how valuable or important 
your connection is...  There are certainly worse ways to achieve remote 
connections.

<- snip ->

Is possible sniffing RDP in a switched LAN?

Is possible capturing passwords?
Is possible "saving a video" about the user tasks?

Thanks in advance.
Fran Lopez.

[More messages with this same subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
RDP sniffing, Fran Lopez Re: RDP sniffing, Stewart Gray Re: RDP sniffing, Nobody Special Re: RDP sniffing, MaddHatter Message not available Re: RDP sniffing, Fran Lopez RDP sniffing, Fran Lopez RE: RDP sniffing, Ian Smith RE: RDP sniffing, Lenny Hansson Re: Re: RDP sniffing, kurt . kessler Re: RDP sniffing, krymson <= RE: RDP sniffing, Timmothy Lester RE: RDP sniffing, krymson

Previous by Date:	Port-Knocking vulnerabilities?, Kappa Alpha Pi Eta
Next by Date:	Re: Reflexive firewalls?, nobledark
Previous by Thread:	Re: Re: RDP sniffing, kurt . kessler
Next by Thread:	RE: RDP sniffing, Timmothy Lester
Indexes:	[Date] [Thread] [Top] [All Lists]