ICA (Independent Computing Architecture) is Citrix own communications protocol which has a lot of capabilities beyond the "standard" client and server applications supplied by the vendor. You can get the SDK for free from Citrix by joining their development network. According to the Citrix literature this is what the two SDKs support. Citrix Server SDK-Allows developers to add value to a Citrix MetaFrame server.
Citrix Virtual Channel SDK-Enables developers to create specialized Citrix ICA channels between the client and server for complete solution customization. I would say that these capabilities certainly have the potential to violate a number of security parameters/policies. -- William Stackpole, CISSP ----- Original Message ----- From: "James R Grinter" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Thursday, April 04, 2002 2:08 PM Subject: Re: FW: Citrix ports vulnerabilities > On Thu, Apr 04, 2002 at 02:38:35PM -0600, Smith Joseph wrote: > > Are there any known security problems/vulnerabilities with Citrix ports > > (1494/1604) open on the firewall? > > Well, I'd have to say that the first thing you want to concern yourself > with is that Citrix can map the user (client)'s system's drives > to be accessible by the remote server. > > James. > _______________________________________________ > Firewalls mailing list > [EMAIL PROTECTED] > http://lists.gnac.net/mailman/listinfo/firewalls _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
