Thanks Ken just viewed the Blog was exactly what I needed for verification.
Z Edward Ziots CISSP, Security +, Network + Security Engineer Lifespan Organization [email protected] From: [email protected] [mailto:[email protected]] On Behalf Of Ken Schaefer Sent: Tuesday, June 26, 2012 12:22 PM To: NT System Admin Issues Subject: RE: Hijack on RDP thread, Encryption of RDP traffic Not sure what you mean by "not seeing TLS traffic" - how are you verifying this? FIPS compliant encryption is possible (using it). Found this article that may help troubleshoot your situation: http://blogs.msdn.com/b/openspecification/archive/2011/12/08/encryption- negotiation-in-rdp-connection.aspx Cheers Ken From: Ziots, Edward [mailto:[email protected]] Sent: Tuesday, 26 June 2012 11:50 PM To: NT System Admin Issues Subject: Hijack on RDP thread, Encryption of RDP traffic To the list, For everyone that is using SSL encryption for your RDP communications, are you setting your encryption strengths to FIPS 140-1 Compliance in Win2k8R2 and SSL (TLS 1.0). Also does anyone have a valid packet capture to ensure that the traffic is really being encrypted. I just set this up in test today and took pcaps and I can see the server certificate being utilized from the CA internally that we specified on the RDP connection settings but I don't see TLS traffic on the packet capture between the server and client. Any ideas on this one, I would like to get it locked down so I can complete my work on this. Z Edward Ziots CISSP, Security +, Network + Security Engineer Lifespan Organization [email protected] ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ --- To manage subscriptions click here: http://lyris.sunbelt-software.com/read/my_forums/ or send an email to [email protected] with the body: unsubscribe ntsysadmin
