I'm a consultant, so when I have the say-so, I do the following: - enable auditing of account logon events - enable a strong password and account lockout policy - look at the logs periodically (or have an automated warning system in place for suspicious events) - enable encryption on the RDP connection - enable the logon warning message - Limit RDP logon permission only to users that require it I'm not looking for specific help with securing my environment. It was more of a hypothetical question about exploiting RDP or the GINA. Thanks for all the responses. JD > -----Original Message----- > From: thin-bounce@xxxxxxxxxxxxx > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nick Smith > Sent: Tuesday, 25 May 2004 12:25 a.m. > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Re: Port/box Security > > And make sure that there's a lockout on every user account if > they use the wrong password, say 3 times, or. Which should > stop brute force dictionary attacks. > And check your security logs regularly (You did enable > auditing, right)? > You could use GFI's Security Event Log Monitor. I could sell > it to you:) =20 > > -----Original Message----- > From: Russell Robertson [mailto:russell.robertson@xxxxxxxxx]=20 > Sent: 24 May 2004 11:58 > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Re: Port/box Security > > Jeff > > Yup, I sussed that this was direct RDP connection using the > RDP client. > You didn't mention setting encryption, so it's hugely better > than not setting it! > > To get back to your point, I did see a site a while back > which was creating a hacking tool to do excatly what you are > describing. However, it wasn't for Windows 2003 server, it > may not have even been for 2000. > If I can find it, I'll post it. > > One of the things believe it or not which helps is to set the > legal logon message. Each time someone tries to login, they > have to accept the legal logon message. You might want to add > this if you have not done already. > > Cheers > > Russell > > > -----Original Message----- > From: thin-bounce@xxxxxxxxxxxxx > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin > Sent: 24 May 2004 11:31 > To: thin@xxxxxxxxxxxxx > Subject: [THIN] Re: Port/box Security > > Remember, I'm talking about RDP only, so no Web Interface. > The interaction is between the RDP client and the server, all > over RDP. If the RDP connection is to a server, you can set > the encryption level on the RDP-Tcp connection on the server. > According to the help file, "All levels use the standard RSA > RC4 encrpytion." There are various key strengths that can be > specified, up to 128 bit key lengths for clients that support > them (see MSKB 814590). So, the credentials are encrypted, > although with the default settings, the encryption appears to > be minimal. > Note that this applies to servers. Windows XP supports > Terminal Services as well, but I'm not sure if this low > default level of encryption applies there as well. I suspect > it would, at least, use the minimal key strength of 56-bits.=3D20 > > JD=3D20 > > > -----Original Message----- > > From: thin-bounce@xxxxxxxxxxxxx > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Russell Robertson > > Sent: Monday, 24 May 2004 8:32 p.m. > > To: thin@xxxxxxxxxxxxx > > Subject: [THIN] Re: Port/box Security > >=3D20 > > Now, I'm certainly no expert on this, but one of the > reasons for=3D20 > >= > > >getting the SSL cert is to encrypt the communication between > the=3D20 > >=20 client and the web interface (or public web server, RDP > server, etc.). > > > This is the first connection the client makes.=3D3D20 =3D20 > If you = > don't=20 > >have SSL, aren't you sending usernames and passwords=3D20 across > >the=20 Internet in clear text and therefore easily accessible? > >=3D20 > > Cheers > >=3D20 > > Russell > > Skibo Technologies > >=3D20 > > =3D3D20 > >=3D20 > > -----Original Message----- > > From: thin-bounce@xxxxxxxxxxxxx > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin > > Sent: 24 May 2004 04:35 > > To: thin@xxxxxxxxxxxxx > > Subject: [THIN] Re: Port/box Security > >=3D20 > > Man, you might want to lay off the caffeine a little.=3D3D20 > > I did read your whole post. What I was wondering was whether=20 > >anyone=3D20 did know of any way to exploit the GINA other > than typing > >= > in > > >guesses=3D20 for usernames and passwords and whether anyone > knew of = > any=20 > >RDP=3D20 exploits. > > As for the cost, there are plenty of companies that use TS=20 > >without=3D20 Citrix to provide desktops, and even more > companies allow > >= > > >remote=3D20 access via RDP to servers simply for administrative = > access.=20 > >So the=3D20 cost issue to implement WI/CSG IS significant when you = > have=20 > >to add=3D20 Citrix itself in addition to the hardware and > the certs. = > My=20 > >question=3D20 isn't whether or not WI/CSG is safer; I agree > that it = > is.=20 > >I'm trying=3D20 to assess the level of security that exists > to an=20 > >RDP-exposed server=3D20 in the absence of WI/CSG. > > What I'm really getting at here is this: If I have a server=20 > >that's=3D20 exposed publicly via RDP, and I feel confident > that the=20 > >usernames and=3D20 passwords are not easily guessed (a > stretch in most > >= > > >environments, I=3D20 know), is the GINA > > *itself* or RDP vulnerable? > >=3D20 > > JD > >=3D20 > > > -----Original Message----- > > > From: thin-bounce@xxxxxxxxxxxxx > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch > > > Sent: Monday, 24 May 2004 12:01 p.m. > > > To: thin@xxxxxxxxxxxxx > > > Subject: [THIN] Re: Port/box Security =3D3D20 =3D3D20 > > >-----BEGIN=20 PGP=3D20 SIGNED MESSAGE----- > > > Hash: SHA1 > > >=3D3D20 > > > Hey moron (and I use that term very loosely, 'cuz a moron > > has more=3D3D20 > > >brains than you)! > > >=3D3D20 > > > Just because I said dictionary attack, doesn't mean that I > > captured=3D3D20 > > >data from a TCP or UDP stream, and I was attempting to guess = > the=3D3D20 > > > >=3D > > > >password hash. If I get a GINA prompt, I can start using "common" > > > usernames (administrator, backup, nimda, etc), and then use=20 > > >a=3D3D20=3D20 dictionary cracker to come up with common > passwords and > > enter them=3D3D20 > > >into the prompt. I agree that WI exposes the same thing, > > but at least > >=3D20 > > > it's one central location, instead of multiple servers. To > > reduce the > >=3D20 > > > risk further, yes, use 2 factor authentication (SafeWord or = > RSA=3D3D20 > > > > =3D > > > >tokens). There have been some GINA exploits in the past > > (NT4 was a=3D3D20 > > >prime suspect, don't know of one with Windows 2000). > > >=3D3D20 > > > The only cost that a company will need to incur is the > > hardware (very > > > minimal) and the SSL cert (1 or 2, and you can get them cheap). > > >=3D3D20 > > > My argument wasn't necessarily with exposing GINA (you really=20 > > >need=3D20 to=3D3D20 read the whole email). I stated that > *most*=20 > > >locations have=3D20 either the > >=3D20 > > > UDP port or the XML port open to the internet for ICA Browsing. > > > There are a few hacks out there for capturing this info and > > getting=3D3D20 > > >the usernames and passwords, as well as enumerating the > > published=3D3D20 > > >applications. Using WI and CSG eliminate this completely. > > >=3D3D20 > > > Sheesh, and you called yourself a Senior Engineer. > > >=3D3D20 > > > Chris > > >=3D3D20 > > > [INSERT] Don't the flames start, cuz he and I used to work = > with=3D20=20 > > >each=3D3D20 other. [/INSERT] =3D3D20 > > > > -----Original Message----- > > > > From: thin-bounce@xxxxxxxxxxxxx > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin > > > > Sent: Friday, May 21, 2004 10:36 PM > > > > To: thin@xxxxxxxxxxxxx > > > > Subject: [THIN] Re: Port/box Security =3D3D20 > > > > Someone who's got any server whose adminstrator password > > > is blank or > > > > easy has bigger problems than whether or not to expose a TS > > > directly > > > > to the Internet. I never said it was the right thing to > do.=3D3D20 > > > Nor did I > > > > say this: > > > > =3D3D20 > > > > "You never knew he was there... so you claim to allow 1494 > > > to the LAN > > > > and have zero issues to date. How would you know?" > > > >=3D3D20 > > > > I agree that the risk is decreased if you have a single = > point=3D20 > > > > >of=3D3D20 entry > > > > (CSG/WI) to your farm rather than exposing multiple servers > > > directly.=3D3D20 > > > > However, if anyone does find your WI page, you still have > > > 100% of the > > > > password guesing risk unless you use two-factor authentication. > > > > Really, my question was whether there was a direct risk > > > of exposing > > > > the GINA, i.e., can you get a password hash? Chris said > > > that exposing > > > > the GINA put you at risk for a dictionary attack, and I > > > don't see how > > > > it does. > > > >=3D3D20 > > > > JD > > > >=3D3D20 > > > > > -----Original Message----- > > > > > From: thin-bounce@xxxxxxxxxxxxx > > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Roger Riggins > > > > > Sent: Saturday, 22 May 2004 5:16 p.m. > > > > > To: thin@xxxxxxxxxxxxx > > > > > Subject: [THIN] Re: Port/box Security =3D3D20 Just because > > a lot of > > > > >people do it, doesn't mean it's the > > > > right thing > > > > > to do. One doesn't always need a password hash to score a > > > > password. I > > > > > *guarantee* that some of the people that are reading these > > > > posts have > > > > > member servers that are running TS and don't have a=20 > > > > > local=3D3D20=3D20 administrator password. Some also have = > passwords=20 > > > > > that are=3D20 easily=3D3D20 guessed on the second or third = > attempts. > > > > > > Once > > you're on > > > as a local > > > > > admin, you can shadow...install a sniffer...browse the > > > profiles on > > > > > that machine...whatever you want! Oh, you don't use an idle > > > > timeout?=3D3D20 > > > > > Then he'll shadow a session at 3:00 in the morning when > > > > nobody is in > > > > > the office. > > > > > Maybe it'll be an IT person's session who is a domain admin. > > > > > Then he'll create his own domain admin account with an > > > obscure name > > > > > that you may overlook. Maybe he'll map his client drive and > > > > copy your > > > > > HR and fiscal databases to his local machine. > > > > >=3D3D20 > > > > > You never knew he was there... so you claim to allow 1494 > > > > to the LAN > > > > > and have zero issues to date. How would you know?=3D3D3D20 > > =3D3D20 Also, > > > > >if somebody finds 3389 or 1494 open it may prompt > > > > them to do a > > > > > little social engineering. It's easier than you think. He > > > already > > > > > knows you run Citrix or TS, right? > > > > >=3D3D20 > > > > > Can they do the same thing if you're running CSG? Sure, > > > but they'll > > > > > have a hell of a time finding WI sites with a port scanner. > > > > By using > > > > > CSG, you're reducing the risk. CSG is FREE!=3D3D3D20 =3D3D20 > > Infosec is > > > > >about best effort. It's our job to give that > > > > best effort, > > > > > IMHO.=3D3D3D20 > > > > >=3D3D20 > > > > > Good luck, > > > > > R=3D3D3D20 > > > > >=3D3D20 > > > > > -----Original Message----- > > > > > From: thin-bounce@xxxxxxxxxxxxx > > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin > > > > > Sent: Friday, May 21, 2004 6:05 PM > > > > > To: thin@xxxxxxxxxxxxx > > > > > Subject: [THIN] Re: Port/box Security =3D3D20 > > > > > Let's say you did see the login prompt, either via ICA or > > > > RDP. How > > > > > would you use a dictionary attack if you didn't have a > > > > username and a > > > > > password hash? Or, maybe what I'm asking is, how would that > > > > help you > > > > > get a username and a password hash which you could use = > a=3D3D20=3D20 > > > > > > dictionary/brute force attack on? > > > > > You know me - when it comes to paranoia, I'm up there > > > > with the worst > > > > > of them, but I'm not sure how getting a windows login > > > screen hurts > > > > > you. > > > > > Unless > > > > > that specific situation can somehow be used to get a > > > username and > > > > > password hash, I don't see the danger (unless there's > a=3D20=20 > > > > > protocol=3D3D20 vulnerability that can be exploited, > in which = > case > > > > > > =3D > > > > > > WI/CSG > > > insulates > > > > > you from it).=3D3D3D20 > > > > > As an aside, and to illustrate how many companies do > > > > this, consider > > > > > this: > > > > > One of my customers moved physical locations, and his ISP > > > > changed his > > > > > IP address. I didn't know the new IP addresses of his > > > > Terminal Server > > > > > and couldn't reach the administrator. I figured it might be > > > > close to > > > > > his old address, so I port-scanned 253 IP addresses looking > > > > for port > > > > > 3389. I found about 60 servers, so there are a lot of > > > people doing > > > > > this. > > > > >=3D3D20 > > > > > JD > > > > >=3D3D20 > > > > >=3D3D20 > > > > >=3D3D20 > > > > > > -----Original Message----- > > > > > > From: thin-bounce@xxxxxxxxxxxxx=3D3D3D20=3D3D20=3D20 > > > > > >[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch > > > > > > Sent: Friday, 21 May 2004 6:51 a.m. > > > > > > To: thin@xxxxxxxxxxxxx > > > > > > Subject: [THIN] Re: Port/box Security =3D3D3D20 =3D3D3D20 > > -----BEGIN =3D3D > > PGP=3D3D20 > > > > > >SIGNED MESSAGE----- > > > > > > Hash: SHA1 > > > > > >=3D3D3D20 > > > > > > To say that you have never experienced this, doesn't > > > > > mean=3D3D3D20 that it > > > > > >doesn't happen. Just do a search on=3D3D3D20 > > > > http://neworder.box.sk for > > > > > >CITRIX or ICA and you will find a=3D3D3D20 few > exploits/hacks. > > > > > Can you say > > > > > >for sure that no one has=3D3D3D20 EVER attempted to > log into = > =3D > your > > > > > systems? =3D3D20 > > > > > >If I did a port=3D3D3D20 scan on your external IP > range and = > saw > > > > that 1494 > > > > > >was open, or=3D3D3D20 3389, or if my port scanner > attempted a > > > > > telnet to that > > > > > >port=3D3D3D20 to see if any banner was presented for the > > > service and I > > > > > >get=3D3D3D20 the ^ICA prompt, I know that I need the ICA=20 > > > > > >client=3D20 to=3D3D20 connect=3D3D3D20 to that IP > address. = > Bam. I=20 > > > > > >have a =3D > logon > > > > prompt. I can > > > > > >then=3D3D3D20 try to use a dictionary attack > attempt to guess > > > usernames > > > > > >and=3D3D3D20 passwords. OR, if you have the XML > service open > > > to the=3D3D3D20 > > > > > >internet or the ICA Browser service (1604/UDP), all I > > > > > would=3D3D3D20 need to > > > > > >do is capture or attempt a redirect (hijack) > the=3D3D3D20 =3D > TCP/UDP > > > > > connection > > > > > >to my machine. I could then attempt to=3D3D3D20 crack > > the password. > > > > > >=3D3D3D20 > > > > > > Again, there is a lot of "attempting" here. I would > > > > rather=3D3D3D20 be > > > > > >safe knowing that I had SG in place or a VPN in place > > > that=3D3D3D20 is > > > > > >securing the communications. Also, what's to say that = > I=3D3D3D20 > > > > > cannot get > > > > > >the source of the connection, and break into that=3D3D3D20 > > > > machine? How > > > > > >many users out there have firewalls in place? =3D3D3D20 > > Not many.=3D3D20 > > > > > >With Windows XP SP2, the firewall will be enabled=3D3D3D20 > > > by default. > > > > > That's a > > > > > >good thing. We will see how robust=3D3D3D20 that > firewall is. > > > > > >= > =3D > =3D3D20 > > > > > That's also > > > > > >for another discussion. > > > > > >=3D3D3D20 > > > > > > Chris=3D3D3D20 > > > > > >=3D3D3D20 > > > > > > > -----Original Message----- > > > > > > > From: thin-bounce@xxxxxxxxxxxxx=3D3D20=3D20=20 > > > > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of > > Robert K=3D3D3D20 > > > > > > Coffman Jr -=3D3D3D20 > > > > > > > Info From Data Corporation > > > > > > > Sent: Thursday, May 20, 2004 11:38 AM > > > > > > > To: thin@xxxxxxxxxxxxx > > > > > > > Subject: [THIN] Re: Port/box Security =3D3D3D20 While I > > > > > completely agree > > > > > > >with you in theory, in practice this has=3D3D3D20 never > > > caused us a > > > > > > >problem. I've suggested to my clients=3D3D3D20 > > > > > > that it may=3D3D3D20 > > > > > > > be a matter of time before this port gets exploited, =3D > to=3D3D3D20 > > > > > > date we've had=3D3D3D20 > > > > > > > 0 issues and have been running this way for years. > > > > > > >=3D3D3D20 > > > > > > > Can anyone provide concrete reasons not to expose 1494 > > > > to the=3D3D3D20 > > > > > > >internet? > > > > > > >=3D3D3D20 > > > > > > > PS - Don't jump all over me here, I'm all in favor of > > > > > exposing as=3D3D3D20 > > > > > > >little as possible to the net... I just need more > > ammo to=3D3D20 > > > > > > >convince=3D3D3D20 those with the purse strings. > > > > > > >=3D3D3D20 > > > > > > > - Bob Coffman > > > > > > >=3D3D3D20 > > > > > > > -----Original Message----- > > > > > > > From: thin-bounce@xxxxxxxxxxxxx =3D3D20=3D20=20 > > > > > > >[mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Chris Lynch > > > > > > > Sent: Thursday, May 20, 2004 12:01 PM > > > > > > > To: thin@xxxxxxxxxxxxx > > > > > > > Subject: [THIN] Re: Port/box Security =3D3D3D20 > =3D3D3D20 = > =3D > =3D3D3D20 > > > > -----BEGIN PGP > > > > > > >SIGNED MESSAGE----- > > > > > > > Hash: SHA1 > > > > > > >=3D3D3D20 > > > > > > > The cost of hardware is negligible once someone high = > up=3D3D20 > > > > > > > >=3D > > > > > > > >understands=3D3D3D20 the security implications. > Also, these > > > > > two services > > > > > > >can run on the=3D3D3D20 same server, and don't > require much > > > (PIV with > > > > > > >512MB of RAM would be=3D3D3D20 sufficient for almost 1000 > > > > connections). > > > > > > >=3D3D3D20 > > > > > > > And, notice that I said "WI AND SG". I would > never=3D3D3D20 > > > > > > recommend running=3D3D3D20 > > > > > > > just WI, unless it was for internal users only. > > > > > > > Exposing the ICA port to the Internet is just asking > > > > for trouble.=3D3D20 > > > > > > > =3D3D3D20 Especially if you are also wanting Program =3D3D > > Neighborhood=3D3D3D20 > > > > > > access (either=3D3D3D20 > > > > > > > XML or 1604/UDP). > > > > > > >=3D3D3D20 > > > > > > > Chris > > > > > > >=3D3D3D20 > > > > > > >=3D3D3D20 > > > > > > >=3D3D3D20 > > > > > > > ******************************************************** > > > > > > > This Week's Sponsor - Tarantella Secure Global Desktop > > > > > Tarantella=3D3D3D20 > > > > > > >Secure Global Desktop Terminal Server Edition Free > > Terminal=3D3D20 > > > > > > >Service=3D3D3D20 Edition software with 2 years > maintenance. > > > > > > > http://www.tarantella.com/ttba > > > > > > > ********************************************************** > > > > > > > Useful Thin Client Computing Links are available at: > > > > > > > http://thin.net/links.cfm > > > > > > > > *********************************************************** > > > > > > > For Archives, to Unsubscribe, Subscribe or set > > Digest or=3D3D3D20 > > > > > > Vacation mode=3D3D3D20 > > > > > > > use the below link: > > > > > > > http://thin.net/citrixlist.cfm > > > > > >=3D3D3D20 > > > > > > -----BEGIN PGP SIGNATURE----- > > > > > > Version: PGP 8.0.3 > > > > > > Comment: Public PGP Key for Chris Lynch =3D3D3D20=3D3D20 > > > > >=3D20 > > >iQA/AwUBQKz+Dm9fg+xq5T3MEQJWtACeL2emd6LHrEyj54jl74ZE4xy6cgIAnRDK > > > > > > jVFNAPrlJdIEcLdr+f0rsFY4 > > > > > > =3D3D3D3Drs5a > > > > > > -----END PGP SIGNATURE----- > > > > > >=3D3D3D20 > > > > > >=3D3D3D20 > > > > > > ******************************************************** > > > > > > This Week's Sponsor - Tarantella Secure Global = > Desktop=3D3D3D20 > > > > > Tarantella > > > > > >Secure Global Desktop Terminal Server Edition Free=3D3D3D20 > > > > > Terminal Service > > > > > >Edition software with 2 years maintenance. > > > > > > http://www.tarantella.com/ttba > > > > > > ********************************************************** > > > > > > Useful Thin Client Computing Links are available at: > > > > > > http://thin.net/links.cfm > > > > > > *********************************************************** > > > > > > For Archives, to Unsubscribe, Subscribe or set Digest =3D > or=3D3D3D20 > > > > > Vacation > > > > > >mode use the below link: > > > > > > http://thin.net/citrixlist.cfm =3D3D3D20 > > > > >=3D3D20 > > > > > ******************************************************** > > > > > This Week's Sponsor - Tarantella Secure Global Desktop > > > Tarantella > > > > > Secure Global Desktop Terminal Server Edition Free > > > Terminal Service > > > > > Edition software with 2 years maintenance. > > > > > http://www.tarantella.com/ttba > > > > > ********************************************************** > > > > > Useful Thin Client Computing Links are available at: > > > > > http://thin.net/links.cfm > > > > > *********************************************************** > > > > > For Archives, to Unsubscribe, Subscribe or=3D3D3D20 > set Digest = > or > > > > Vacation > > > > > mode use the below link: > > > > > http://thin.net/citrixlist.cfm > > > > > ******************************************************** > > > > > This Week's Sponsor - Tarantella Secure Global Desktop > > > Tarantella > > > > > Secure Global Desktop Terminal Server Edition Free > > > Terminal Service > > > > > Edition software with 2 years maintenance. > > > > > http://www.tarantella.com/ttba > > > > > ********************************************************** > > > > > Useful Thin Client Computing Links are available at: > > > > > http://thin.net/links.cfm > > > > > *********************************************************** > > > > > For Archives, to Unsubscribe, Subscribe or set Digest or > > > > Vacation mode > > > > > use the below link: > > > > > http://thin.net/citrixlist.cfm > > > > >=3D3D20 > > > >=3D3D20 > > > > ******************************************************** > > > > This Week's Sponsor - Tarantella Secure Global Desktop > > Tarantella=3D3D20 > > > >Secure Global Desktop Terminal Server Edition Free > Terminal=3D20=20 > > > >Service=3D3D20 Edition software with 2 years maintenance. > > > > http://www.tarantella.com/ttba > > > > ********************************************************** > > > > Useful Thin Client Computing Links are available at: > > > > http://thin.net/links.cfm > > > > *********************************************************** > > > > For Archives, to Unsubscribe, Subscribe or set Digest or > > > Vacation mode > > > > use the below link: > > > > http://thin.net/citrixlist.cfm > > >=3D3D20 > > > -----BEGIN PGP SIGNATURE----- > > > Version: PGP 8.0.3 > > > Comment: Public PGP Key for Chris Lynch =3D3D20=3D20=20 > > >iQA/AwUBQLE6t29fg+xq5T3MEQJmsACgpGqb7nCW1cW5QldAR54x/nC09kAAoLrv > > > dqUd4OjnrLJGZGIO0tlMyEUp > > > =3D3D3Do4O5 > > > -----END PGP SIGNATURE----- > > >=3D3D20 > > > ******************************************************** > > > This Week's Sponsor - Tarantella Secure Global Desktop > > Tarantella=3D3D20 > > >Secure Global Desktop Terminal Server Edition Free Terminal > > Service=3D3D20 > > >Edition software with 2 years maintenance. > > > http://www.tarantella.com/ttba > > > ********************************************************** > > > Useful Thin Client Computing Links are available at: > > > http://thin.net/links.cfm > > > *********************************************************** > > > For Archives, to Unsubscribe, Subscribe or set Digest or > > Vacation mode > >=3D20 > > > use the below link: > > > http://thin.net/citrixlist.cfm > > >=3D3D20 > >=3D20 > > ******************************************************** > > This Week's Sponsor - Tarantella Secure Global Desktop > Tarantella=3D20 > >= > =20 > >Secure Global Desktop Terminal Server Edition Free Terminal = > Service=3D20 > > >Edition software with 2 years maintenance. > > http://www.tarantella.com/ttba > > ********************************************************** > > Useful Thin Client Computing Links are available at: > > http://thin.net/links.cfm > > *********************************************************** > > For Archives, to Unsubscribe, Subscribe or set Digest or > Vacation mode > > > use the below link: > > http://thin.net/citrixlist.cfm > >=3D20 > >=3D20 > > ******************************************************** > > This Week's Sponsor - Tarantella Secure Global Desktop > Tarantella=3D20 > >= > =20 > >Secure Global Desktop Terminal Server Edition Free Terminal = > Service=3D20 > > >Edition software with 2 years maintenance. > > http://www.tarantella.com/ttba > > ********************************************************** > > Useful Thin Client Computing Links are available at: > > http://thin.net/links.cfm > > *********************************************************** > > For Archives, to Unsubscribe, Subscribe or set Digest or > Vacation mode > > > use the below link: > > http://thin.net/citrixlist.cfm > >=3D20 > > ******************************************************** > This Week's Sponsor - Tarantella Secure Global Desktop > Tarantella Secure Global Desktop Terminal Server Edition Free > Terminal Service Edition software with 2 years maintenance. > http://www.tarantella.com/ttba > ********************************************************** > Useful Thin Client Computing Links are available at: > http://thin.net/links.cfm > *********************************************************** > For Archives, to Unsubscribe, Subscribe or set Digest or > Vacation mode use the below link: > http://thin.net/citrixlist.cfm > > > ******************************************************** > This Week's Sponsor - Tarantella Secure Global Desktop > Tarantella Secure Global Desktop Terminal Server Edition Free > Terminal Service Edition software with 2 years maintenance. > http://www.tarantella.com/ttba > ********************************************************** > Useful Thin Client Computing Links are available at: > http://thin.net/links.cfm > *********************************************************** > For Archives, to Unsubscribe, Subscribe or set Digest or > Vacation mode use the below link: > http://thin.net/citrixlist.cfm > > > ******************************************************** > This Week's Sponsor - Tarantella Secure Global Desktop > Tarantella Secure Global Desktop Terminal Server Edition Free > Terminal Service Edition software with 2 years maintenance. > http://www.tarantella.com/ttba > ********************************************************** > Useful Thin Client Computing Links are available at: > http://thin.net/links.cfm > *********************************************************** > For Archives, to Unsubscribe, Subscribe or set Digest or > Vacation mode use the below link: > http://thin.net/citrixlist.cfm > ******************************************************** This Week's Sponsor - Tarantella Secure Global Desktop Tarantella Secure Global Desktop Terminal Server Edition Free Terminal Service Edition software with 2 years maintenance. http://www.tarantella.com/ttba ********************************************************** Useful Thin Client Computing Links are available at: http://thin.net/links.cfm *********************************************************** For Archives, to Unsubscribe, Subscribe or set Digest or Vacation mode use the below link: http://thin.net/citrixlist.cfm