GCN Tech Blog

By GCN Staff

Blog archive

Lock down those Citrix gateways!

Here's an underappreciated network vulnerability that the system administrator should give some thought about: Citrix gateways.

A security researcher has found a number government networks that he was able to breach by using unsecured Citrix Presentation Server gateways.

Cue the obligatory sound-the-alarm quote here: 'The Internet is full of wide open CITRIX gateways. This is madness!' wrote security researcher Petko D. Petkov, in his blog posting.

Petkov's idea was deviously simple: Do a Google search for publicly-accessible files with the .ICA extension. Independent Computer Architecture files contain the configuration information that remote computers use to tap into Microsoft Windows applications over a network, using WinFrame or Citrix Presentation Server, formerly called MetaFrame.

When available over the Internet, such configuration files offer a wealth of information to malicious hackers about the server operating environments of these gateways. Even more troublesome is how the researcher found that, using his own Citrix client software, he was able to access many of these remotely available applications without log-in access:



eWeek covered this problem and attributed the vulnerability less to Citrix's software itself and more to sysadmin laxness in not properly managing port 1494, the port Citrix software usually deploys to supply applications to end users.

"Citrix is able to be secured, but that's like everything else in computing: the admin needs a brain," one security observer noted on a mailing list.

Posted by Joab Jackson on Oct 11, 2007 at 9:39 AM


Featured

  • IT Modernization
    shutterstock image By enzozo; photo ID: 319763930

    OMB provides key guidance for TMF proposals amid surge in submissions

    Deputy Federal CIO Maria Roat details what makes for a winning Technology Modernization Fund proposal as agencies continue to submit major IT projects for potential funding.

  • gears and money (zaozaa19/Shutterstock.com)

    Worries from a Democrat about the Biden administration and federal procurement

    Steve Kelman is concerned that the push for more spending with small disadvantaged businesses will detract from the goal of getting the best deal for agencies and taxpayers.

Stay Connected