http://www.securityfocus.com/infocus/1629

Benjamin Meade
System Administrator
LanWest Pty Ltd

-----Original Message-----
From: Dan Rowe [mailto:suedes098 (at) yahoo (dot) com [email concealed]]
Sent: Friday, 9 May 2003 4:03 AM
To: focus-ms (at) securityfocus (dot) com [email concealed]
Subject: (prevent + detect Arp spoofing) + Securing Terminal Services

Hello all,

My name is Dan, and i am participating in a CTF contest

http://crew.ccs.neu.edu/ctf/

I am going to be running a windows 2003 server, and administering it

remotely using Terminal services.

I heard about the man-in-the-middle exploit that has been found for

terminal services, and have learned that using ssl with terminal
services

can avoid this exploit, but in my case, i am unable to use ssl.

Last years contest went to a group that had wrote the Openssh to
main

in the middle everyone using linux, but weren't able to affect the

windows users, this year they focused on writing such a program for

terminal services. So you can see my concern. If i can administer my

machine remotely and safely then i will have a decent chance of getting

into other peoples, and keeping my services (web, mail,..etc) alive and

kick.

So the question is how might i secure terminal services? from the

server side only? I thought that if i configure the arp table on the

server and enter the gateway as a static entry, and only allow it to

connect to terminal services then i might have a fighting chance,
becuase

the MITM attack is based on arp poisoning.

Thanks for your time and help

Dan

p.s. if you have any other ideas or software for securing a server in a

very very hostile network, please let me know.

------------------------------------------------------------------------

-----
FastTrain has your solution for a great CISSP Boot Camp. The industry`s
most
recognized corporate security certification track, provides a
comprehensive
prospectus based upon the core principle concepts of security. This ALL
INCLUSIVE curriculum utilizes lectures, case studies and true hands-on
utilization
of pertinent security tools. For a limited time you can enter for a
chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-focus-ms
------------------------------------------------------------------------

------

------------------------------------------------------------------------
-----
FastTrain has your solution for a great CISSP Boot Camp. The industry`s most
recognized corporate security certification track, provides a comprehensive
prospectus based upon the core principle concepts of security. This ALL INCLUSIVE curriculum utilizes lectures, case studies and true hands-on utilization
of pertinent security tools. For a limited time you can enter for a chance
to win one of the latest technological innovations, the SEGWAY HT.
Log onto http://www.securityfocus.com/FastTrain-focus-ms
------------------------------------------------------------------------
------

[ reply ]