[THIN] Re: Port/box Security

From: "Jeff Durbin" <techlists@xxxxxxxxxxxxx>
To: <thin@xxxxxxxxxxxxx>
Date: Tue, 25 May 2004 08:45:49 +1200
  I'm a consultant, so when I have the say-so, I do the following:

- enable auditing of account logon events
- enable a strong password and account lockout policy
- look at the logs periodically (or have an automated warning system in
place for suspicious events)
- enable encryption on the RDP connection
- enable the logon warning message
- Limit RDP logon permission only to users that require it

  I'm not looking for specific help with securing my environment. It was
more of a hypothetical question about exploiting RDP or the GINA. Thanks for
all the responses.

JD
 

> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx 
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Nick Smith
> Sent: Tuesday, 25 May 2004 12:25 a.m.
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Port/box Security
> 
> And make sure that there's a lockout on every user account if 
> they use the wrong password, say 3 times, or. Which should 
> stop brute force dictionary attacks.
> And check your security logs regularly (You did enable 
> auditing, right)?
> You could use GFI's Security Event Log Monitor. I could sell 
> it to you:) =20
> 
> -----Original Message-----
> From: Russell Robertson [mailto:russell.robertson@xxxxxxxxx]=20
> Sent: 24 May 2004 11:58
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Port/box Security
> 
> Jeff
> 
> Yup, I sussed that this was direct RDP connection using the 
> RDP client.
> You didn't mention setting encryption, so it's hugely better 
> than not setting it!
> 
> To get back to your point, I did see a site a while back 
> which was creating a hacking tool to do excatly what you are 
> describing. However, it wasn't for Windows 2003 server, it 
> may not have even been for 2000.
> If I can find it, I'll post it.
> 
> One of the things believe it or not which helps is to set the 
> legal logon message. Each time someone tries to login, they 
> have to accept the legal logon message. You might want to add 
> this if you have not done already.
> 
> Cheers
> 
> Russell
> 
> 
> -----Original Message-----
> From: thin-bounce@xxxxxxxxxxxxx 
> [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> Sent: 24 May 2004 11:31
> To: thin@xxxxxxxxxxxxx
> Subject: [THIN] Re: Port/box Security
> 
> Remember, I'm talking about RDP only, so no Web Interface. 
> The interaction is between the RDP client and the server, all 
> over RDP. If the RDP connection is to a server, you can set 
> the encryption level on the RDP-Tcp connection on the server. 
> According to the help file, "All levels use the standard RSA 
> RC4 encrpytion." There are various key strengths that can be 
> specified, up to 128 bit key lengths for clients that support 
> them (see MSKB 814590). So, the credentials are encrypted, 
> although with the default settings, the encryption appears to 
> be minimal.
>   Note that this applies to servers. Windows XP supports 
> Terminal Services as well, but I'm not sure if this low 
> default level of encryption applies there as well. I suspect 
> it would, at least, use the minimal key strength of 56-bits.=3D20
> 
> JD=3D20
> 
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Russell Robertson
> > Sent: Monday, 24 May 2004 8:32 p.m.
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Port/box Security
> >=3D20
> > Now, I'm certainly no expert on this, but one of the 
> reasons for=3D20  
> >=
> 
> >getting the SSL cert is to encrypt the communication between 
> the=3D20 
> >=20 client and the web interface (or public web server, RDP 
> server, etc.).
> 
> > This is the first connection the client makes.=3D3D20 =3D20 
>  If you =
> don't=20
> >have SSL, aren't you sending usernames and passwords=3D20  across 
> >the=20 Internet in clear text and therefore easily accessible?
> >=3D20
> > Cheers
> >=3D20
> > Russell
> > Skibo Technologies
> >=3D20
> > =3D3D20
> >=3D20
> > -----Original Message-----
> > From: thin-bounce@xxxxxxxxxxxxx
> > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> > Sent: 24 May 2004 04:35
> > To: thin@xxxxxxxxxxxxx
> > Subject: [THIN] Re: Port/box Security
> >=3D20
> >   Man, you might want to lay off the caffeine a little.=3D3D20
> >   I did read your whole post. What I was wondering was whether=20 
> >anyone=3D20  did know of any way to exploit the GINA other 
> than typing 
> >=
> in
> 
> >guesses=3D20  for usernames and passwords and whether anyone 
> knew of =
> any=20
> >RDP=3D20  exploits.
> >   As for the cost, there are plenty of companies that use TS=20 
> >without=3D20  Citrix to provide desktops, and even more 
> companies allow 
> >=
> 
> >remote=3D20  access via RDP to servers simply for administrative =
> access.=20
> >So the=3D20  cost issue to implement WI/CSG IS significant when you =
> have=20
> >to add=3D20  Citrix itself in addition to the hardware and 
> the certs. =
> My=20
> >question=3D20  isn't whether or not WI/CSG is safer; I agree 
> that it =
> is.=20
> >I'm trying=3D20  to assess the level of security that exists 
> to an=20 
> >RDP-exposed server=3D20  in the absence of WI/CSG.
> >   What I'm really getting at here is this: If I have a server=20 
> >that's=3D20  exposed publicly via RDP, and I feel confident 
> that the=20 
> >usernames and=3D20  passwords are not easily guessed (a 
> stretch in most 
> >=
> 
> >environments, I=3D20  know), is the GINA
> > *itself* or RDP vulnerable?
> >=3D20
> > JD
> >=3D20
> > > -----Original Message-----
> > > From: thin-bounce@xxxxxxxxxxxxx
> > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch
> > > Sent: Monday, 24 May 2004 12:01 p.m.
> > > To: thin@xxxxxxxxxxxxx
> > > Subject: [THIN] Re: Port/box Security =3D3D20  =3D3D20  
> > >-----BEGIN=20 PGP=3D20 SIGNED MESSAGE-----
> > > Hash: SHA1
> > >=3D3D20
> > > Hey moron (and I use that term very loosely, 'cuz a moron
> > has more=3D3D20
> > >brains than you)!
> > >=3D3D20
> > > Just because I said dictionary attack, doesn't mean that I
> > captured=3D3D20
> > >data from a TCP or UDP stream, and I was attempting to guess =
> the=3D3D20
> 
> > >=3D
> 
> > >password hash.  If I get a GINA prompt, I can start using "common"
> > > usernames (administrator, backup, nimda, etc), and then use=20 
> > >a=3D3D20=3D20 dictionary cracker to come up with common 
> passwords and
> > enter them=3D3D20
> > >into the prompt.  I agree that WI exposes the same thing,
> > but at least
> >=3D20
> > > it's one central location, instead of multiple servers.  To
> > reduce the
> >=3D20
> > > risk further, yes, use 2 factor authentication (SafeWord or =
> RSA=3D3D20
> 
> > > =3D
> 
> > >tokens).  There have been some GINA exploits in the past
> > (NT4 was a=3D3D20
> > >prime suspect, don't know of one with Windows 2000).
> > >=3D3D20
> > > The only cost that a company will need to incur is the
> > hardware (very
> > > minimal) and the SSL cert (1 or 2, and you can get them cheap).
> > >=3D3D20
> > > My argument wasn't necessarily with exposing GINA (you really=20 
> > >need=3D20 to=3D3D20  read the whole email).  I stated that 
> *most*=20 
> > >locations have=3D20 either the
> >=3D20
> > > UDP port or the XML port open to the internet for ICA Browsing.
> > > There are a few hacks out there for capturing this info and
> > getting=3D3D20
> > >the usernames and passwords, as well as enumerating the
> > published=3D3D20
> > >applications.  Using WI and CSG eliminate this completely.
> > >=3D3D20
> > > Sheesh, and you called yourself a Senior Engineer.
> > >=3D3D20
> > > Chris
> > >=3D3D20
> > > [INSERT]  Don't the flames start, cuz he and I used to work =
> with=3D20=20
> > >each=3D3D20  other. [/INSERT] =3D3D20
> > > > -----Original Message-----
> > > > From: thin-bounce@xxxxxxxxxxxxx
> > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> > > > Sent: Friday, May 21, 2004 10:36 PM
> > > > To: thin@xxxxxxxxxxxxx
> > > > Subject: [THIN] Re: Port/box Security =3D3D20
> > > >   Someone who's got any server whose adminstrator password
> > > is blank or
> > > > easy has bigger problems than whether or not to expose a TS
> > > directly
> > > > to the Internet. I never said it was the right thing to 
> do.=3D3D20
> > > Nor did I
> > > > say this:
> > > > =3D3D20
> > > > "You never knew he was there... so you claim to allow 1494
> > > to the LAN
> > > > and have zero issues to date. How would you know?"
> > > >=3D3D20
> > > >   I agree that the risk is decreased if you have a single =
> point=3D20
> 
> > > >of=3D3D20  entry
> > > > (CSG/WI) to your farm rather than exposing multiple servers
> > > directly.=3D3D20
> > > > However, if anyone does find your WI page, you still have
> > > 100% of the
> > > > password guesing risk unless you use two-factor authentication.
> > > >   Really, my question was whether there was a direct risk
> > > of exposing
> > > > the GINA, i.e., can you get a password hash? Chris said
> > > that exposing
> > > > the GINA put you at risk for a dictionary attack, and I
> > > don't see how
> > > > it does.
> > > >=3D3D20
> > > > JD
> > > >=3D3D20
> > > > > -----Original Message-----
> > > > > From: thin-bounce@xxxxxxxxxxxxx
> > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Roger Riggins
> > > > > Sent: Saturday, 22 May 2004 5:16 p.m.
> > > > > To: thin@xxxxxxxxxxxxx
> > > > > Subject: [THIN] Re: Port/box Security =3D3D20  Just because
> > a lot of
> > > > >people do it, doesn't mean it's the
> > > > right thing
> > > > > to do. One doesn't always need a password hash to score a
> > > > password. I
> > > > > *guarantee* that some of the people that are reading these
> > > > posts have
> > > > > member servers that are running TS and don't have a=20 
> > > > > local=3D3D20=3D20 administrator password. Some also have =
> passwords=20
> > > > > that are=3D20 easily=3D3D20 guessed on the second or third =
> attempts.
> 
> > > > > Once
> > you're on
> > > as a local
> > > > > admin, you can shadow...install a sniffer...browse the
> > > profiles on
> > > > > that machine...whatever you want! Oh, you don't use an idle
> > > > timeout?=3D3D20
> > > > > Then he'll shadow a session at 3:00 in the morning when
> > > > nobody is in
> > > > > the office.
> > > > > Maybe it'll be an IT person's session who is a domain admin.
> > > > > Then he'll create his own domain admin account with an
> > > obscure name
> > > > > that you may overlook. Maybe he'll map his client drive and
> > > > copy your
> > > > > HR and fiscal databases to his local machine.
> > > > >=3D3D20
> > > > > You never knew he was there... so you claim to allow 1494
> > > > to the LAN
> > > > > and have zero issues to date. How would you know?=3D3D3D20
> > =3D3D20  Also,
> > > > >if somebody finds 3389 or 1494 open it may prompt
> > > > them to do a
> > > > > little social engineering. It's easier than you think. He
> > > already
> > > > > knows you run Citrix or TS, right?
> > > > >=3D3D20
> > > > > Can they do the same thing if you're running CSG? Sure,
> > > but they'll
> > > > > have a hell of a time finding WI sites with a port scanner.
> > > > By using
> > > > > CSG, you're reducing the risk. CSG is FREE!=3D3D3D20 =3D3D20
> > Infosec is
> > > > >about best effort. It's our job to give that
> > > > best effort,
> > > > > IMHO.=3D3D3D20
> > > > >=3D3D20
> > > > > Good luck,
> > > > > R=3D3D3D20
> > > > >=3D3D20
> > > > > -----Original Message-----
> > > > > From: thin-bounce@xxxxxxxxxxxxx
> > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Jeff Durbin
> > > > > Sent: Friday, May 21, 2004 6:05 PM
> > > > > To: thin@xxxxxxxxxxxxx
> > > > > Subject: [THIN] Re: Port/box Security =3D3D20
> > > > >   Let's say you did see the login prompt, either via ICA or
> > > > RDP. How
> > > > > would you use a dictionary attack if you didn't have a
> > > > username and a
> > > > > password hash? Or, maybe what I'm asking is, how would that
> > > > help you
> > > > > get a username and a password hash which you could use =
> a=3D3D20=3D20
> 
> > > > > dictionary/brute force attack on?
> > > > >   You know me - when it comes to paranoia, I'm up there
> > > > with the worst
> > > > > of them, but I'm not sure how getting a windows login
> > > screen hurts
> > > > > you.
> > > > > Unless
> > > > > that specific situation can somehow be used to get a
> > > username and
> > > > > password hash, I don't see the danger (unless there's 
> a=3D20=20 
> > > > > protocol=3D3D20 vulnerability that can be exploited, 
> in which =
> case
> 
> > > > > =3D
> 
> > > > > WI/CSG
> > > insulates
> > > > > you from it).=3D3D3D20
> > > > >   As an aside, and to illustrate how many companies do
> > > > this, consider
> > > > > this:
> > > > > One of my customers moved physical locations, and his ISP
> > > > changed his
> > > > > IP address. I didn't know the new IP addresses of his
> > > > Terminal Server
> > > > > and couldn't reach the administrator. I figured it might be
> > > > close to
> > > > > his old address, so I port-scanned 253 IP addresses looking
> > > > for port
> > > > > 3389. I found about 60 servers, so there are a lot of
> > > people doing
> > > > > this.
> > > > >=3D3D20
> > > > > JD
> > > > >=3D3D20
> > > > >=3D3D20
> > > > >=3D3D20
> > > > > > -----Original Message-----
> > > > > > From: thin-bounce@xxxxxxxxxxxxx=3D3D3D20=3D3D20=3D20
> > > > > >[mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of Chris Lynch
> > > > > > Sent: Friday, 21 May 2004 6:51 a.m.
> > > > > > To: thin@xxxxxxxxxxxxx
> > > > > > Subject: [THIN] Re: Port/box Security =3D3D3D20  =3D3D3D20
> > -----BEGIN =3D3D
> > PGP=3D3D20
> > > > > >SIGNED MESSAGE-----
> > > > > > Hash: SHA1
> > > > > >=3D3D3D20
> > > > > > To say that you have never experienced this, doesn't
> > > > > mean=3D3D3D20  that it
> > > > > >doesn't happen.  Just do a search on=3D3D3D20
> > > > http://neworder.box.sk for
> > > > > >CITRIX or ICA and you will find a=3D3D3D20  few 
> exploits/hacks.
> > > > > Can you say
> > > > > >for sure that no one has=3D3D3D20  EVER attempted to 
> log into =
> =3D
> your
> > > > > systems? =3D3D20
> > > > > >If I did a port=3D3D3D20  scan on your external IP 
> range and =
> saw
> > > > that 1494
> > > > > >was open, or=3D3D3D20  3389, or if my port scanner 
> attempted a
> > > > > telnet to that
> > > > > >port=3D3D3D20  to see if any banner was presented for the
> > > service and I
> > > > > >get=3D3D3D20  the ^ICA prompt, I know that I need the ICA=20 
> > > > > >client=3D20 to=3D3D20 connect=3D3D3D20  to that IP 
> address.  =
> Bam.  I=20
> > > > > >have a =3D
> logon
> > > > prompt.  I can
> > > > > >then=3D3D3D20  try to use a dictionary attack 
> attempt to guess
> > > usernames
> > > > > >and=3D3D3D20  passwords.  OR, if you have the XML 
> service open
> > > to the=3D3D3D20
> > > > > >internet or the ICA Browser service (1604/UDP), all I
> > > > > would=3D3D3D20  need to
> > > > > >do is capture or attempt a redirect (hijack) 
> the=3D3D3D20  =3D
> TCP/UDP
> > > > > connection
> > > > > >to my machine.  I could then attempt to=3D3D3D20  crack
> > the password.
> > > > > >=3D3D3D20
> > > > > > Again, there is a lot of "attempting" here.  I would
> > > > rather=3D3D3D20  be
> > > > > >safe knowing that I had SG in place or a VPN in place
> > > that=3D3D3D20 is
> > > > > >securing the communications.  Also, what's to say that =
> I=3D3D3D20
> > > > > cannot get
> > > > > >the source of the connection, and break into that=3D3D3D20
> > > > machine?  How
> > > > > >many users out there have firewalls in place? =3D3D3D20
> > Not many.=3D3D20
> > > > > >With  Windows XP SP2, the firewall will be enabled=3D3D3D20
> > > by default.
> > > > >  That's a
> > > > > >good thing.  We will see how robust=3D3D3D20  that 
> firewall is. 
> > > > > >=
> =3D
> =3D3D20
> > > > > That's also
> > > > > >for another discussion.
> > > > > >=3D3D3D20
> > > > > > Chris=3D3D3D20
> > > > > >=3D3D3D20
> > > > > > > -----Original Message-----
> > > > > > > From: thin-bounce@xxxxxxxxxxxxx=3D3D20=3D20=20
> > > > > > > [mailto:thin-bounce@xxxxxxxxxxxxx] On Behalf Of
> > Robert K=3D3D3D20
> > > > > > Coffman Jr -=3D3D3D20
> > > > > > > Info From Data Corporation
> > > > > > > Sent: Thursday, May 20, 2004 11:38 AM
> > > > > > > To: thin@xxxxxxxxxxxxx
> > > > > > > Subject: [THIN] Re: Port/box Security =3D3D3D20  While I
> > > > > completely agree
> > > > > > >with you in theory, in practice this has=3D3D3D20  never
> > > caused us a
> > > > > > >problem.  I've suggested to my clients=3D3D3D20
> > > > > > that it may=3D3D3D20
> > > > > > > be a matter of time before this port gets exploited, =3D
> to=3D3D3D20
> > > > > > date we've had=3D3D3D20
> > > > > > > 0 issues and have been running this way for years.
> > > > > > >=3D3D3D20
> > > > > > > Can anyone provide concrete reasons not to expose 1494
> > > > to the=3D3D3D20
> > > > > > >internet?
> > > > > > >=3D3D3D20
> > > > > > > PS - Don't jump all over me here, I'm all in favor of
> > > > > exposing as=3D3D3D20
> > > > > > >little as possible to the net...  I just need more
> > ammo to=3D3D20
> > > > > > >convince=3D3D3D20  those with the purse strings.
> > > > > > >=3D3D3D20
> > > > > > > - Bob Coffman
> > > > > > >=3D3D3D20
> > > > > > > -----Original Message-----
> > > > > > > From: thin-bounce@xxxxxxxxxxxxx =3D3D20=3D20=20 
> > > > > > >[mailto:thin-bounce@xxxxxxxxxxxxx]On Behalf Of Chris Lynch
> > > > > > > Sent: Thursday, May 20, 2004 12:01 PM
> > > > > > > To: thin@xxxxxxxxxxxxx
> > > > > > > Subject: [THIN] Re: Port/box Security =3D3D3D20 
> =3D3D3D20 =
> =3D
> =3D3D3D20
> > > > -----BEGIN PGP
> > > > > > >SIGNED MESSAGE-----
> > > > > > > Hash: SHA1
> > > > > > >=3D3D3D20
> > > > > > > The cost of hardware is negligible once someone high =
> up=3D3D20
> 
> > > > > > >=3D
> 
> > > > > > >understands=3D3D3D20  the security implications.  
> Also, these
> > > > > two services
> > > > > > >can run on the=3D3D3D20  same server, and don't 
> require much
> > > (PIV with
> > > > > > >512MB of RAM would be=3D3D3D20  sufficient for almost 1000
> > > > connections).
> > > > > > >=3D3D3D20
> > > > > > > And, notice that I said "WI AND SG".  I would 
> never=3D3D3D20
> > > > > > recommend running=3D3D3D20
> > > > > > > just WI, unless it was for internal users only.
> > > > > > > Exposing the ICA port to the Internet is just asking
> > > > for trouble.=3D3D20
> > > > > > > =3D3D3D20 Especially if you are also wanting Program =3D3D
> > Neighborhood=3D3D3D20
> > > > > > access (either=3D3D3D20
> > > > > > > XML or 1604/UDP).
> > > > > > >=3D3D3D20
> > > > > > > Chris
> > > > > > >=3D3D3D20
> > > > > > >=3D3D3D20
> > > > > > >=3D3D3D20
> > > > > > > ********************************************************
> > > > > > > This Week's Sponsor - Tarantella Secure Global Desktop
> > > > > Tarantella=3D3D3D20
> > > > > > >Secure Global Desktop Terminal Server Edition Free
> > Terminal=3D3D20
> > > > > > >Service=3D3D3D20  Edition software with 2 years 
> maintenance.
> > > > > > > http://www.tarantella.com/ttba
> > > > > > > **********************************************************
> > > > > > > Useful Thin Client Computing Links are available at:
> > > > > > > http://thin.net/links.cfm
> > > > > > > 
> ***********************************************************
> > > > > > > For Archives, to Unsubscribe, Subscribe or set
> > Digest or=3D3D3D20
> > > > > > Vacation mode=3D3D3D20
> > > > > > > use the below link:
> > > > > > > http://thin.net/citrixlist.cfm
> > > > > >=3D3D3D20
> > > > > > -----BEGIN PGP SIGNATURE-----
> > > > > > Version: PGP 8.0.3
> > > > > > Comment: Public PGP Key for Chris Lynch =3D3D3D20=3D3D20
> > > > >=3D20
> > >iQA/AwUBQKz+Dm9fg+xq5T3MEQJWtACeL2emd6LHrEyj54jl74ZE4xy6cgIAnRDK
> > > > > > jVFNAPrlJdIEcLdr+f0rsFY4
> > > > > > =3D3D3D3Drs5a
> > > > > > -----END PGP SIGNATURE-----
> > > > > >=3D3D3D20
> > > > > >=3D3D3D20
> > > > > > ********************************************************
> > > > > > This Week's Sponsor - Tarantella Secure Global =
> Desktop=3D3D3D20
> > > > > Tarantella
> > > > > >Secure Global Desktop Terminal Server Edition Free=3D3D3D20
> > > > > Terminal Service
> > > > > >Edition software with 2 years maintenance.
> > > > > > http://www.tarantella.com/ttba
> > > > > > **********************************************************
> > > > > > Useful Thin Client Computing Links are available at:
> > > > > > http://thin.net/links.cfm
> > > > > > ***********************************************************
> > > > > > For Archives, to Unsubscribe, Subscribe or set Digest =3D
> or=3D3D3D20
> > > > >  Vacation
> > > > > >mode use the below link:
> > > > > > http://thin.net/citrixlist.cfm =3D3D3D20
> > > > >=3D3D20
> > > > > ********************************************************
> > > > > This Week's Sponsor - Tarantella Secure Global Desktop
> > > Tarantella
> > > > > Secure Global Desktop Terminal Server Edition Free
> > > Terminal Service
> > > > > Edition software with 2 years maintenance.
> > > > > http://www.tarantella.com/ttba
> > > > > **********************************************************
> > > > > Useful Thin Client Computing Links are available at:
> > > > > http://thin.net/links.cfm
> > > > > ***********************************************************
> > > > > For Archives, to Unsubscribe, Subscribe or=3D3D3D20 
> set Digest =
> or
> > > > Vacation
> > > > > mode use the below link:
> > > > > http://thin.net/citrixlist.cfm
> > > > > ********************************************************
> > > > > This Week's Sponsor - Tarantella Secure Global Desktop
> > > Tarantella
> > > > > Secure Global Desktop Terminal Server Edition Free
> > > Terminal Service
> > > > > Edition software with 2 years maintenance.
> > > > > http://www.tarantella.com/ttba
> > > > > **********************************************************
> > > > > Useful Thin Client Computing Links are available at:
> > > > > http://thin.net/links.cfm
> > > > > ***********************************************************
> > > > > For Archives, to Unsubscribe, Subscribe or set Digest or
> > > > Vacation mode
> > > > > use the below link:
> > > > > http://thin.net/citrixlist.cfm
> > > > >=3D3D20
> > > >=3D3D20
> > > > ********************************************************
> > > > This Week's Sponsor - Tarantella Secure Global Desktop
> > Tarantella=3D3D20
> > > >Secure Global Desktop Terminal Server Edition Free 
> Terminal=3D20=20 
> > > >Service=3D3D20  Edition software with 2 years maintenance.
> > > > http://www.tarantella.com/ttba
> > > > **********************************************************
> > > > Useful Thin Client Computing Links are available at:
> > > > http://thin.net/links.cfm
> > > > ***********************************************************
> > > > For Archives, to Unsubscribe, Subscribe or set Digest or
> > > Vacation mode
> > > > use the below link:
> > > > http://thin.net/citrixlist.cfm
> > >=3D3D20
> > > -----BEGIN PGP SIGNATURE-----
> > > Version: PGP 8.0.3
> > > Comment: Public PGP Key for Chris Lynch =3D3D20=3D20=20 
> > >iQA/AwUBQLE6t29fg+xq5T3MEQJmsACgpGqb7nCW1cW5QldAR54x/nC09kAAoLrv
> > > dqUd4OjnrLJGZGIO0tlMyEUp
> > > =3D3D3Do4O5
> > > -----END PGP SIGNATURE-----
> > >=3D3D20
> > > ********************************************************
> > > This Week's Sponsor - Tarantella Secure Global Desktop
> > Tarantella=3D3D20
> > >Secure Global Desktop Terminal Server Edition Free Terminal
> > Service=3D3D20
> > >Edition software with 2 years maintenance.
> > > http://www.tarantella.com/ttba
> > > **********************************************************
> > > Useful Thin Client Computing Links are available at:
> > > http://thin.net/links.cfm
> > > ***********************************************************
> > > For Archives, to Unsubscribe, Subscribe or set Digest or
> > Vacation mode
> >=3D20
> > > use the below link:
> > > http://thin.net/citrixlist.cfm
> > >=3D3D20
> >=3D20
> > ********************************************************
> > This Week's Sponsor - Tarantella Secure Global Desktop 
> Tarantella=3D20 
> >=
> =20
> >Secure Global Desktop Terminal Server Edition Free Terminal =
> Service=3D20
> 
> >Edition software with 2 years maintenance.
> > http://www.tarantella.com/ttba
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thin.net/links.cfm
> > ***********************************************************
> > For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode
> 
> > use the below link:
> > http://thin.net/citrixlist.cfm
> >=3D20
> >=3D20
> > ********************************************************
> > This Week's Sponsor - Tarantella Secure Global Desktop 
> Tarantella=3D20 
> >=
> =20
> >Secure Global Desktop Terminal Server Edition Free Terminal =
> Service=3D20
> 
> >Edition software with 2 years maintenance.
> > http://www.tarantella.com/ttba
> > **********************************************************
> > Useful Thin Client Computing Links are available at:
> > http://thin.net/links.cfm
> > ***********************************************************
> > For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode
> 
> > use the below link:
> > http://thin.net/citrixlist.cfm
> >=3D20
> 
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop 
> Tarantella Secure Global Desktop Terminal Server Edition Free 
> Terminal Service Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> 
> 
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop 
> Tarantella Secure Global Desktop Terminal Server Edition Free 
> Terminal Service Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> 
> 
> ********************************************************
> This Week's Sponsor - Tarantella Secure Global Desktop 
> Tarantella Secure Global Desktop Terminal Server Edition Free 
> Terminal Service Edition software with 2 years maintenance.
> http://www.tarantella.com/ttba
> **********************************************************
> Useful Thin Client Computing Links are available at:
> http://thin.net/links.cfm
> ***********************************************************
> For Archives, to Unsubscribe, Subscribe or set Digest or 
> Vacation mode use the below link:
> http://thin.net/citrixlist.cfm
> 

********************************************************
This Week's Sponsor - Tarantella Secure Global Desktop
Tarantella Secure Global Desktop Terminal Server Edition
Free Terminal Service Edition software with 2 years maintenance.
http://www.tarantella.com/ttba
**********************************************************
Useful Thin Client Computing Links are available at:
http://thin.net/links.cfm
***********************************************************
For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thin.net/citrixlist.cfm
References:

[THIN] Re: Port/box Security
From: Nick Smith
[THIN] Re: Port/box Security

Other related posts:
