RE: Win2K Terminal Services

From: Davis, Matt (matt.davisat_private)
Date: Wed Sep 18 2002 - 12:41:47 PDT

  • Next message: Riley Hassell: "Re: Application & Iplanet/Apache web server vulnerability and penetration testing"

    I believe you can install it using sysocmgr in quiet mode (sysocmgr /q).
    You'd need to specify TerminalServices in an unattend file, and have access
    to the Win2k sources.  Are the i386 directories copied onto the machine?
    Any suspicious text files?  You could do a search on file contents for
    TerminalServices and hope that whomever installed it via command line didn't
    clear their tracks well (if it was actually installed via command line).
    
    M.
    --
    Matt Davis, MCSA
    Client Server Business Support
    309-821-6288 (P) / 309-821-5800 (F)
    COUNTRY Insurance & Financial Services
    1711 G.E. Road, Bloomington, IL 61701
    www.countryfinancial.com
    
    
    
    -----Original Message-----
    From: John the Kiwi [mailto:johnat_private]
    Sent: Wednesday, September 18, 2002 12:59 AM
    To: pen-testat_private
    Subject: Win2K Terminal Services
    
    
    Hi All
    
    Does anyone know if it's possible to install Microsoft Terminal Services
    from a command line? One of my clients is swearing black and blue that
    they didn't install it and we've found the box in question has it
    installed complete with an open port to the outside world.
    
    Cheers
    John the Kiwi
    
    
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/
    
    ----------------------------------------------------------------------------
    This list is provided by the SecurityFocus Security Intelligence Alert (SIA)
    Service. For more information on SecurityFocus' SIA service which
    automatically alerts you to the latest security vulnerabilities please see:
    https://alerts.securityfocus.com/
    



    This archive was generated by hypermail 2b30 : Thu Sep 19 2002 - 13:40:15 PDT