[THIN] FW: [CitrixCanada] ICA file from Nfuse-CSG
- From: "Selinger, Stephen" <SSelinger@xxxxxxxxxxxxxx>
- To: "'thin@xxxxxxxxxxxxx'" <thin@xxxxxxxxxxxxx>
- Date: Fri, 1 Nov 2002 08:14:46 -0700
I was hoping that someone on this list would have an answer to this question
that I could forward to the Canadian list.
Thanks!
-----Original Message-----
From: Emerson Chi [mailto:EChi@xxxxxxxx]
Sent: November 1, 2002 3:15 AM
To: CitrixCanada@xxxxxxxxxxxxxxx; 'michael.burnett@xxxxxxxxxx'
Subject: [CitrixCanada] ICA file from Nfuse-CSG
I noticed that the ICA file sent by the NFuse server (in a CSG deployment)
contains the ticket, CSG gateway DNS name and encrypted NT domain and
password. If an intruder taps in to the SSL stream and able to crack the NT
domain and password, wouldn't they be able to use it and log in as the user
regardless of the ticket? All they really need is the user name, password
and domain to log in. How true is this and how can it be deemed safe and
secure?
Thanks
Emerson
Yahoo! Groups Sponsor
ADVERTISEMENT
<http://rd.yahoo.com/M=237459.2482214.3917349.2146399/D=egroupweb/S=17072819
14:HM/A=1267611/R=0/*http://ad.doubleclick.net/jump/N2524.Yahoo/B1071650;sz=
300x250;ord=1036156880111335?>
<http://us.adserver.yahoo.com/l?M=237459.2482214.3917349.2146399/D=egroupmai
l/S=:HM/A=1267611/rand=189333636>
To unsubscribe from this group, send an email to:
CitrixCanada-unsubscribe@xxxxxxxxxxxxxxx
Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service
<http://docs.yahoo.com/info/terms/> .
***********************************************
Visit Jim Kenzig of thethin.net at the
Emergent Online Booth #26 at Citrix Iforum 2002!
Register now at:
http://www.citrixiforum.com/registerNow.html
***********************************************
For Archives, to Unsubscribe, Subscribe or
set Digest or Vacation mode use the below link.
http://thethin.net/citrixlist.cfm
Other related posts:
