scams using dating sites - Xp stuck on validating identity
Recently the Remote Desktop Protocol has received a lot of attention from attackers.
The protocol saw a worm in 2011 that abused weak passwords and its features to copy files and infect other machines, and now in 2012 there is a remote code execution bug in the protocol itself.
Using the TLS connection as an encrypted channel, it does not rely on the client/server authentication services that are available in TLS but does use it for validating identity.
The CredSSP Protocol then uses the Simple and Protected Generic Security Service Application Program Interface Negotiation Mechanism (SPNEGO) Protocol Extensions to negotiate a Generic Security Services (GSS) mechanism that performs mutual authentication and GSS confidentiality services to securely bind to the TLS channel and encrypt the credentials for the target server.
Last week Google made an announcement about its use of SSL/TLS, with advice to customers on how to ensure they can continue to connect to Google’s services.