SSL / Direct mode Security ??

Discussion in 'Parallels Remote Application Server' started by exordiummortis, Dec 14, 2007.

  1. exordiummortis

    exordiummortis Guest

    Hello,

    I was wondering if anyone had any extensive information on what information the 2x client passes to the Application gateway. Does the 2x client use a variation of RDC? or has 2x written their own connection program using the RDP protocol? I have read that the SSL mode is still a security risk, so would that mean a direct connection to the Terminal server would use RDP's native encryption and therefore be just as secure as connecting directly to TS?

    I really like the 2x product but if the SSL mode is the only "secure" method to connect, then it will not work for our company because there is a refresh issue probably caused by the SSL encryption overhead (according to other forum posts)

    Cheerz!
    Matt
     
    exordiummortis, Dec 14, 2007
    #1
  2. nixu

    nixu Guest

    Hi there,

    The 2X Client is an application that makes use of the RDP protocol.

    As you mentioned correctly, RDP has is native encryption, but it has a flaw regarding the man in the middle attack. To solve this RDP is passed through an ssl tunnel.

    You said, "I have read that the SSL mode is still a security risk" what risks are you talking about??

    What is the refresh issue you are talking about???

    Nixu
     
    nixu, Dec 17, 2007
    #2
  3. exordiummortis

    exordiummortis Guest

    I might have read it wrong, but I though someone mentioned you are still vulnerable to the man in the middle attack with 2x tunneled across SSL... I will have to find the post again and re-read.

    As for the refresh issue, I will try to describe it the best I can. When any of the clients connect with 2x in SSL mode they don't get complete screen draws. An example would be from the initial login screen it will only display the login windows but no actual boxes to type in, but if you click anywhere on the window it will then refresh and complete the screen shot. At first I though it was a color depth issue with the client or maybe a bandwidth issue, but it produces the same results with 256 colors/15 bit/16 bit, DSL, cable, and T1... When I have the client connect through regular gateway mode, the refreshing issue disappears. Normally, it wouldn't be a huge deal to click to refresh the screen, but the app our company uses let's you make irreversible changes if you click on the wrong section of the screen; The last thing I need is to deal with unobservant users wreaking havoc! :)

    Cheerz!
    Matt
     
    exordiummortis, Dec 19, 2007
    #3

Share This Page