[THIN] Re: CSG - Hacking

  • From: "Schneider, Samuel M. Mr (Contractor) UHD" <Samuel.Schneider@xxxxxxxxxxxxxxx>
  • To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
  • Date: Fri, 6 Sep 2002 09:24:45 -0400

        This is a foolish disposition. One should always be vigilant and
accept that any system can be compromised. I will admit, if a CSG admin
utilizes features such as client side server certificates, RSA two factor
authentication and validated/signed client mediums, they will greatly reduce
the likelihood of a breach; however, these features DO NOT eliminate the
possibility of compromise. Should you worry? Only if you don't practice due
diligence and competence in your architecture methodology.


Sam   

-----Original Message-----
From: Chris Lynch [mailto:lynch00@xxxxxxx]
Sent: Thursday, September 05, 2002 8:12 PM
To: thin@xxxxxxxxxxxxx
Subject: [THIN] Re: CSG - Hacking



 
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Exactly.  The only thing anyone could even try to do is DoS the CSG
box.  You CANNOT hack into the system.  If you had the CSG in Relay
mode, then I would say yeah.  But this is not the mode you install
CSG in.  You have to manually specify in a command-line switch when
you execute the installation.  Also, with the 1.1 version, the ticket
is longer than the original release.  Much harder to "crack" or
guess.  Also, after the ticket has been generated, it will expire
after 100ms, which is the default.

Let me know if you have any further questions about this,

CHRIS LYNCH -  MCSE, CCNA, CCA
NETWORK ENGINEER - INFORMATION TECHNOLOGY
NRT Incorporated, 27271 Las Ramblas, Mission Viejo, CA 92691
Chris.lynch@xxxxxxxxxx  Tel 949.367.3406


- -----Original Message-----
From: thin-bounce@xxxxxxxxxxxxx [mailto:thin-bounce@xxxxxxxxxxxxx] On
Behalf Of Stansel, Paul
Sent: Thursday, September 05, 2002 5:03 PM
To: 'thin@xxxxxxxxxxxxx'
Subject: [THIN] Re: CSG - Hacking



Heh...you're talking about a session encrypted with 128bit SSL. 
Unless they are remoting the client box, it ain't gonna happen.

- -Paul

> ----------
> From:         Ray.Albert@xxxxxxxxxxxxxxx[SMTP:Ray.Albert@xxxxxxxxxxxxxxx]
> Reply To:     thin@xxxxxxxxxxxxx
> Sent:         Thursday, September 05, 2002 5:16 PM
> To:   thin@xxxxxxxxxxxxx
> Subject:      [THIN] CSG - Hacking
> 
> 
> 
> Can anyone let me know if there is a way for a user to hack a
> Citrix published session?
> 
> What we are looking at is giving some of our clients access to a
> published application through NFUSE Classic and use CSG.  This
> will be in the DMZ. The application will not be in the DMZ.
> 
> Our network and security have doubts about giving someone access to
> an  internal application.
> 
> Anyone have any thoughts on this?
> 
> Please Help.
> 
> Ray Albert
> ChoicePoint Inc
> ray.albert@xxxxxxxxxxxxxxx
> 
> 
> 
> **********************************************
> This weeks sponsor 99Point9.com
> 99Point9 helps solve your unresolved technical
> server-based questions, issues and incidents.
> http://www.99point9.com
> ***********************************************
> 
> For Archives, to Unsubscribe, Subscribe or
> set Digest or Vacation mode use the below link.
> 
> http://thethin.net/citrixlist.cfm
> 


-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBPXfy3Pl56xfvzmMfEQLjywCgzlRuYupfxwB9YNdr24kkSxcHAhAAoKEX
8H3sbkdA0/14xa39miyrH+9T
=mNjr
-----END PGP SIGNATURE-----


