On Wed, 29 Mar 2000, Dug Song wrote:
> Citrix offers a secure alternative called SecureICA, which uses
> Diffie-Hellman for key exchange and RC5 to encrypt the underlying
> transport (now at 128-bit strength worldwide). While this is certainly
> better than the simple XOR scheme outlined above, it may still be
> vulnerable to an active man-in-the-middle attack. Caveat user.
SecureICA is only available for Windows and DOS clients. Unix, Macintosh,
and Java clients must use the insecure protocol. Due to the nature of the
protocol it cannot be tunnelled through ssh. A VPN is probably the only
solution for Unix, Macintosh and Java clients.
-weld
