GCN Tech Blog

By GCN Staff

Blog archive

Lock down those Citrix gateways!

Here's an underappreciated network vulnerability that the system administrator should give some thought about: Citrix gateways.

A security researcher has found a number government networks that he was able to breach by using unsecured Citrix Presentation Server gateways.

Cue the obligatory sound-the-alarm quote here: 'The Internet is full of wide open CITRIX gateways. This is madness!' wrote security researcher Petko D. Petkov, in his blog posting.

Petkov's idea was deviously simple: Do a Google search for publicly-accessible files with the .ICA extension. Independent Computer Architecture files contain the configuration information that remote computers use to tap into Microsoft Windows applications over a network, using WinFrame or Citrix Presentation Server, formerly called MetaFrame.

When available over the Internet, such configuration files offer a wealth of information to malicious hackers about the server operating environments of these gateways. Even more troublesome is how the researcher found that, using his own Citrix client software, he was able to access many of these remotely available applications without log-in access:



eWeek covered this problem and attributed the vulnerability less to Citrix's software itself and more to sysadmin laxness in not properly managing port 1494, the port Citrix software usually deploys to supply applications to end users.

"Citrix is able to be secured, but that's like everything else in computing: the admin needs a brain," one security observer noted on a mailing list.

Posted by Joab Jackson on Oct 11, 2007 at 9:39 AM


Featured

  • People
    Federal CIO Suzette Kent

    Federal CIO Kent to exit in July

    During her tenure, Suzette Kent pushed on policies including Trusted Internet Connection, identity management and the creation of the Chief Data Officers Council

  • Defense
    Essye Miller, Director at Defense Information Management, speaks during the Breaking the Gender Barrier panel at the Air Space, Cyber Conference in National Harbor, Md., Sept. 19, 2017. (U.S. Air Force photo/Staff Sgt. Chad Trujillo)

    Essye Miller: The exit interview

    Essye Miller, DOD's outgoing principal deputy CIO, talks about COVID, the state of the tech workforce and the hard conversations DOD has to have to prepare personnel for the future.

Stay Connected

Sign up for our newsletter.

I agree to this site's Privacy Policy.