Terminal Services Web Detection

info Nessus Network Monitor Plugin ID 2508

Synopsis

The remote host may give an attacker information useful for future attacks.

Description

The remote host appears to be configured to facilitate the client download of an ActiveX Terminal Services Client. Users can access the web page and click a 'connect' button that will prompt a client-side download of a .cab file that will be used to connect the client directly to a terminal services server using Remote Desktop Protocol -- RDP. You will want to manually inspect this page for possible information regarding systems offering RDP access, system information, IP addressing information, and more.

Solution

Password protect access to the 'tsweb' resource.

Plugin Details

Severity: Info

ID: 2508

Family: Web Servers

Published: 8/18/2004

Updated: 1/15/2016

Nessus ID: 12234

Detections

Analytics