[THIN] Re: FW: [CitrixCanada] ICA file from Nfuse-CSG
- From: "Ron Oglesby" <roglesby@xxxxxxxxxxxx>
- To: <thin@xxxxxxxxxxxxx>
- Date: Fri, 1 Nov 2002 17:12:03 -0600
I already had a conversation with this guy off line. I will forward that
to you from my other e-mail account.
Ron Oglesby
Senior Technical Architect
=20
RapidApp
Office 312.372.7188
Mobile 312.961.2380
email roglesby@xxxxxxxxxxxx
=20
-----Original Message-----
From: Mack, Rick [mailto:RMack@xxxxxxxxxxxxxx]=20
Sent: Friday, November 01, 2002 4:03 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: FW: [CitrixCanada] ICA file from Nfuse-CSG
Hi,
That isn't a password. The token handles the user authentication side of
things, and is time-stamped. There isn't enough info in the .ica file to
let
you do any more than launch a DOS attack against the CSG server.
Regards,
Rick
Ulrich Mack
rmack@xxxxxxxxxxxxxx
Volante Systems
18 Heussler Terrace, Milton 4064
Queensland Australia
tel +61 7 32467704
-----Original Message-----
From: Selinger, Stephen [mailto:SSelinger@xxxxxxxxxxxxxx]=20
Sent: Saturday, 2 November 2002 1:15 AM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] FW: [CitrixCanada] ICA file from Nfuse-CSG
I was hoping that someone on this list would have an answer to this
question
that I could forward to the Canadian list.
=20
Thanks!
-----Original Message-----
From: Emerson Chi [mailto:EChi@xxxxxxxx]=20
Sent: November 1, 2002 3:15 AM
To: CitrixCanada@xxxxxxxxxxxxxxx; 'michael.burnett@xxxxxxxxxx'
Subject: [CitrixCanada] ICA file from Nfuse-CSG
I noticed that the ICA file sent by the NFuse server (in a CSG
deployment)
contains the ticket, CSG gateway DNS name and encrypted NT domain and
password. If an intruder taps in to the SSL stream and able to crack
the NT
domain and password, wouldn't they be able to use it and log in as the
user
regardless of the ticket? All they really need is the user name,
password
and domain to log in. How true is this and how can it be deemed safe and
secure?
=20
Thanks
=20
Emerson
Yahoo! Groups Sponsor=09
ADVERTISEMENT
=20
<http://rd.yahoo.com/M=3D237459.2482214.3917349.2146399/D=3Degroupweb/S=3D=
1707
2819
14:HM/A=3D1267611/R=3D0/*http://ad.doubleclick.net/jump/N2524.Yahoo/B1071=
650
;sz=3D
300x250;ord=3D1036156880111335?> =09
=20
<http://us.adserver.yahoo.com/l?M=3D237459.2482214.3917349.2146399/D=3Deg=
rou
pmai
l/S=3D:HM/A=3D1267611/rand=3D189333636> =09
To unsubscribe from this group, send an email to:
CitrixCanada-unsubscribe@xxxxxxxxxxxxxxx
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service
<http://docs.yahoo.com/info/terms/> .=20
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************=20
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
=20
**********************************************************************
This email may be confidential and/or privileged. Only the intended=20
recipient may access or use it. Any dissemination, distribution or
copying of this email is strictly prohibited. If you are not the
intended recipient please notify us immediately by return email and
then erase the email.
We use virus scanning software but exclude all liability for viruses=20
or similar in any attachment or message...,..,..,.
=20
**********************************************************************
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************=20
For Archives, to Unsubscribe, Subscribe or=20
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
Other related posts:
