Re: remote desktop
On The Furrygoat Experience, I read that Steve loves having a remote desktop on his Windows machines. While enabling remote desktop provides good flexibility in the ability to work from anywhere, any place, I feel that I must point out the following:
Microsoft Security Advisory (904797)
Vulnerability in Remote Desktop Protocol (RDP) Could Lead to Denial of Service
Published: July 16, 2005
Microsoft is investigating new public reports of a vulnerability in Remote Desktop Services.
[....]
Our initial investigation has revealed that a denial of service vulnerability exists that could allow an attacker to send a specially crafted Remote Desktop Protocol (RDP) request to an affected system.
[....]
The Internet Storm Center also discussed this vulnerability in their July 16th diary. Even worse, on July 14th, they wrote:
The vulnerability in due to a flaw in the remote desktop assistant. This service is NOT FIREWALLED in XP SP2's default firewall configuration.
Microsoft Security Advisory (904797)
Vulnerability in Remote Desktop Protocol (RDP) Could Lead to Denial of Service
Published: July 16, 2005
Microsoft is investigating new public reports of a vulnerability in Remote Desktop Services.
[....]
Our initial investigation has revealed that a denial of service vulnerability exists that could allow an attacker to send a specially crafted Remote Desktop Protocol (RDP) request to an affected system.
[....]
The Internet Storm Center also discussed this vulnerability in their July 16th diary. Even worse, on July 14th, they wrote:
The vulnerability in due to a flaw in the remote desktop assistant. This service is NOT FIREWALLED in XP SP2's default firewall configuration.