[THIN] using encryption

• From: "Pape Sascha" <Sascha.Pape@xxxxx>
• To: thin@xxxxxxxxxxxxx
• Date: Sun, 8 Jun 2003 22:20:43 +0200

Hi all=20

We've configured our Published Applications using 128bit (RC5) =
encryption and checked=20
the minimum requirement box. I was told that using this setting it would =
be possible
to get the users' logins and passwords by using dsniff because Citrix is =
using=20
weak encryption during the login process and only afterwards the 128Bit =
is enabled.
I haven't managed to get dsniff working but when using ethereal to =
listen to the=20
network traffic I can see that some data like time zone and filenames =
are exchanged=20
in clear text format.=20

I'm wondering if anyone has some more information on this - preferably =
you would have=20
used dsniff to capture the login process.=20

Thanks in advance !

Sascha
********************************************************
This Week's Sponsor - Appsense Technologies
New! AppSense Optimizer is a new product from AppSense 
designed to increase the user capacity of your servers. 
http://www.appsense.com/
**********************************************************
Useful Thin Client Computing Links are available at:
http://thethin.net/links.cfm

For Archives, to Unsubscribe, Subscribe or 
set Digest or Vacation mode use the below link:
http://thethin.net/citrixlist.cfm

Other related posts:

• » [THIN] using encryption

1. Home
2. thin
3. Archive
4. 06-2003

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---