If someone 0wns your pipe between you and the Terminal Server(s) then you got bigger problems then the existing MITM attack. Whether the attack sets it up via ARP spoofing, or other trickery. If you are really worried about this, encrypt your communications via IPSEC. Z Edward E. Ziots CISSP, Network +, Security + Network Engineer Lifespan Organization Email:eziots@xxxxxxxxxxxx Cell:401-639-3505 -----Original Message----- From: Ansgar Wiechers [mailto:bugtraq@xxxxxxxxxxxxxxxx] Sent: Wednesday, February 09, 2011 7:46 AM To: bugtraq@xxxxxxxxxxxxxxxxx Subject: Re: Microsoft Terminal Services vulnerable to MITM-attacks. On 2011-02-08 sam.vaughey@xxxxxxxxx wrote: > Does this issue still exist ? Depends on the configuration. Unless configured to require network level authentication, RDP is still prone to MitM attacks AFAIK. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq
