Also, as a usability asside make sure you set session time outs or you risk finding yourself accidentally locked out of the box if you have too many dodgey disconnected sessions. I usually set active:1day, inactive:1hr, disconnected:10mins. That way if the box is monkeying about or people leave sessions open you can still get in - useful if the box is too far away to go to the console.
Cheers,
Bob
-----Original Message----- From: Daniel H. Renner [mailto:[EMAIL PROTECTED] Sent: 25 January 2005 07:19 To: full-disclosure@lists.netsys.com Subject: [Full-Disclosure] Re: Terminal Server vulnerabilities
Original message:
Date: Mon, 24 Jan 2005 15:52:55 -0800 From: "Daniel Sichel" <[EMAIL PROTECTED]>
They claim there are no unfixed vulnerabilities to Terminal Server on Windows Server 2000 Service Pack 4.
I find that hard to believe and I know you guys will know if they are full of it, or they are correct. Please let me know ASAP of any CURRENT vulnerabilities int Terminal Server.
Dan,
Try here for starters: http://www.google.com/search?q=%22windows+terminal+server%22+exploit&sourceid=mozilla&start=0&start=0&ie=utf-8&oe=utf-8
(2,310 results)
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html