Andhra chatting site - Xp stuck on validating identity

Recently there has been a lot of attention given to the Remote Desktop Protocol by attackers. The protocol saw a worm in 2011 that abused weak passwords and its features to copy files and infect other machines, and now in 2012 there is a remote code execution bug in the protocol itself.


CredSSP uses the TLS connection as an encrypted channel; it does not rely on the client/server authentication services that are available in TLS, but it does use TLS for validating identity.

The CredSSP Protocol then uses the Simple and Protected Generic Security Service Application Program Interface Negotiation Mechanism (SPNEGO) Protocol Extensions to negotiate a Generic Security Services (GSS) mechanism that performs mutual authentication and GSS confidentiality services to securely bind to the TLS channel and encrypt the credentials for the target server.

It should be noted that all GSS security tokens are sent over the encrypted TLS channel.

These tokens can be NTLM, Kerberos or PKI authentication for smart cards.

The graphic below illustrates how this is done.

Most brute-force tools currently out there do not take NLA into account; it would slow down the process even more and add another level of complexity.

Since no packet will reach the RDP service until CredSSP has finished negotiating the connection, it protects the servers from DoS and exploits.
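A defensive audit check for the behaviour described above, as an added example that is not part of the original page: a server that enforces NLA refuses a connection request offering only standard RDP security, and says so in its X.224 Connection Confirm. The function names and the sample PDUs are constructed for illustration; the constants and byte layout follow the RDP negotiation structures in MS-RDPBCGR.

```python
import struct

# Negotiation constants as defined in MS-RDPBCGR (RDP_NEG_RSP / RDP_NEG_FAILURE).
TYPE_RDP_NEG_RSP, TYPE_RDP_NEG_FAILURE = 0x02, 0x03
SSL_REQUIRED_BY_SERVER, HYBRID_REQUIRED_BY_SERVER = 0x01, 0x05

def parse_connection_confirm(pdu: bytes):
    """Return (kind, code): kind is 'rsp', 'failure' or 'none' (no negotiation data)."""
    if len(pdu) < 11:
        raise ValueError("too short for TPKT + X.224 Connection Confirm")
    version, _reserved, tpkt_len = struct.unpack(">BBH", pdu[:4])
    if version != 3 or tpkt_len != len(pdu):
        raise ValueError("bad TPKT header")
    if pdu[5] & 0xF0 != 0xD0 or pdu[4] != len(pdu) - 5:
        raise ValueError("not a well-formed X.224 Connection Confirm")
    neg = pdu[11:]
    if not neg:
        return ("none", None)
    if len(neg) != 8:
        raise ValueError("negotiation structure must be 8 bytes")
    neg_type, _flags, neg_len, code = struct.unpack("<BBHI", neg)
    if neg_len != 8 or neg_type not in (TYPE_RDP_NEG_RSP, TYPE_RDP_NEG_FAILURE):
        raise ValueError("unknown negotiation structure")
    return ("rsp" if neg_type == TYPE_RDP_NEG_RSP else "failure", code)

def nla_verdict(pdu: bytes) -> str:
    """Classify the reply to a request that offered only standard RDP security."""
    kind, code = parse_connection_confirm(pdu)
    if kind == "failure" and code == HYBRID_REQUIRED_BY_SERVER:
        return "NLA enforced"          # CredSSP must complete before RDP is reachable
    if kind == "failure" and code == SSL_REQUIRED_BY_SERVER:
        return "TLS required, NLA not enforced"
    if kind == "none" or (kind == "rsp" and code == 0):
        return "NLA not enforced"      # server accepted standard RDP security
    return "inconclusive (%s code %d)" % (kind, code)

# Constructed sample replies (not captured from any real host).
SAMPLES = {
    "nla-host": bytes.fromhex("0300 0013 0e d0 0000 1234 00 03 00 0800 05000000"),
    "legacy-host": bytes.fromhex("0300 0013 0e d0 0000 1234 00 02 00 0800 00000000"),
    "no-neg-host": bytes.fromhex("0300 000b 06 d0 0000 1234 00"),
}

if __name__ == "__main__":
    for name, pdu in SAMPLES.items():
        print(name, "->", nla_verdict(pdu))
```

Hosts that come back as "NLA not enforced" are the ones whose RDP service still processes pre-authentication traffic and should be reconfigured to require NLA.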

NLA is present in the latest versions of Windows, for Server: NLA was introduced first with RDP 6.0 in Windows Vista and later on Windows XP SP3.

Another of the biggest advantages is that, since TLS is used, it will warn us if it cannot validate the identity of the host we are connecting to.

For this we will need a PKI infrastructure integrated with AD in our Windows environment.
