Rdesktop Security Article
by Dustin Puryear
However, the paper did leave me with a few questions:
1. There is a note that rdesktop supports an -E option which prevents encryption of the login packet, which could potentially expose a password. Let us ignore the client for now. Why does RDP even support this?
2. Why doesn’t RDP, the protocol, support Kerberos? That is something I have never been able to understand. If it did, then you would get automatic logins from a client to server, regardless of whether you were using mstsc.exe or rdesktop, assuming you had your Windows desktop as part of AD or set up Kerberos between your Linux/UNIX workstation and AD (which is quite doable).
The author, Chris Travers, makes note of the fact that RDP was built around the OSI model instead of TCP/IP, thus it approaches things differently (e.g., not supporting Kerberos). I just do not follow this logic. Kerberos support can be added. What is taking so long?
|That entire section of the pdf is a little funny as ITU T.128 somehow becomes the OSI model and what looks like some half-baked guesswork is provided. The rest of the pdf doesn't offer much more than saying the -p option is probably a bad idea and a screenshot of a yum install command.|
Yeah, like I said, I just don't follow the OSI/Kerb logic in that paper.