|
|
Family: Useless services --> Category: infos
Windows Terminal Service Enabled Vulnerability Scan
Vulnerability Scan Summary
Connects to the remote terminal server
Detailed Explanation for this Vulnerability Test
Synopsis :
The Terminal Services are enabled on the remote host.
Description :
Terminal Services allow a Windows user to remotely obtain
a graphical login (and therefore act as a local user on the
remote host).
If a possible hacker gains a valid login and password, he may
be able to use this service to gain further access
on the remote host. A possible hacker may also use this service
to mount a dictionary attack against the remote host to try
to log in remotely.
Note that RDP (the Remote Desktop Protocol) is vulnerable
to Man-in-the-middle attacks, making it easy for attackers to
steal the credentials of legitimates users by impersonating the
Windows server.
Solution :
Disable the Terminal Services if you do not use them, and
do not allow this service to run across the internet
Threat Level:
None / CVSS Base Score : 0
(AV:R/AC:L/Au:NR/C:N/A:N/I:N/B:N)
Click HERE for more information and discussions on this network vulnerability scan.
|
