??????

So, I guess someone could come out on port 80 and remote control a machine over the Internet. If so, doesn't MS have enough problems without coming up with something like this?

Duane :)

With the Remote Desktop Web Connection, you can start a remote desktop connection from your Web browser.

To do so, point your browser to a server that is configured with Remote Desktop Web Connection, download an ActiveX control, and then connect to a Windows XP-based server with Remote Desktop. Client computers may also connect to a Microsoft Windows 2000-based server or to a server that is running Microsoft Windows NT 4.0 Terminal Server Edition.

over the Internet.

Yes, your guess is correct, but only if the target server has installed and enabled Remote Desktop, and if the attacker has an ID/password on the target machine.

Microsoft gives you the gun and the ammunition, but you have to assemble them, and put them where a thief entering your house can find the loaded gun.

Cut the bafflegab. :-)

You are a knuckle head D.A., and you too M.J.P. It still requires TCP/3389, or your modified RDP port of choice via regedit, to be accessible. Your source port will not be 80, your original destination will, and then eventually use 3389 via the ActiveX component. And lastly, how the phuck is this a firewall post? Freaking chuckle heads, you guys are sharp as marbles.

snipped-for-privacy@UVic.CA (Melvin Klassen) wrote in news:edkDsTLBzWmk-pn2-3f7ZSWBlbrCX@localhost:

Well it's kind of like that and who cares about an attack. I am more interested in someone like at work who would use this technology to come out on port 80 to make contact with their home network and start doing everything else but their job and possibly start doing file transfers the whole nine yards to put a protected network at risk if this technology has the ability to xfer files. You can xfer files with Citrix's Web Client Terminal service but you cannot remote control a machine on the other end with a browser.

You can bet someone will set-up and try it. I am damn near tempted just to see if I can do it, but I won't. ;-)

Duane :)

"Munpe Q" wrote in news:1111039805.446161.112640 @g14g2000cwa.googlegroups.com:

You need to drop dead TROLL and get with the program you moron and read the just of my post and what I am pointing out. My post has nothing to do with other than someone's ability to setup a situation to make contact with a non-secure home network through a browser from a secure environment.

And you have set off on some moron TROLL trek.

Duane :)

On other thing Meatloaf and trash that blew-in on last week's garbage that needs to be picked up off the corner, this is the *Security* and Firewall NG that deals with security and FW issues.

Duane