Any opinions expressed here are my own and not necessarily those of my employer (I'm self-employed).

Mar 26, 2011

Ninja trick: The terminal server has exceeded the maximum number of allowed connections

If you work in an environment where several people fiddle around on the same servers, every once in a while you'll get the message "The terminal server has exceeded the maximum number of allowed connections" when you try to log on to a shared server through Remote Desktop.

In many cases this is because someone is lingering on the server. You could go through the process of figuring out who's logged on and asking them to log out, or kick them from the server. But there's another way.

It's possible to remotely connect to the physical console session on the server (also known as session 0). If someone is already using the console session, you'll learn who's connected and will be asked if you want to disconnect them. Since this feature is only intended for ninja hackers, you'll have to run this from command line.

On Windows 7/2008 Server:
mstsc.exe /admin /v:yourservername
On Windows 2003 server:
mstsc.exe /console /v:yourservername
You probably figured out that the command switches /admin and /console did the trick here. A word of advice, don't share this with your co-workers, you want to keep the console session to your self!

The /admin and /console switches are described in Microsoft's article on changes to remote administration in Windows Server 2008. Also, if you're running Windows Server 2003 or Windows XP it's possible to upgrade to Terminal Services Client 6.0 to get the new and shiny features offered by Remote Desktop on Vista and later.

Mar 7, 2011

Even more Android security issues

Researcher Jon Oberheide explains on his blog how users can be tricked into installing apps on their Android phones — through an XSS vulnerability! This tops of the last weeks fuzz about Android security.

On Saturday, the Google mobile team blogged about how they would deal with the malware spread through their Android Market — the same day they confirmed that there were 58 different malicious apps that had been downloaded onto around 260,000 Android devices.

At the beginning of February I blogged about the dangers rising from the Android market's web driven installation routine. Oberheide now showed one scalable way to take advantage of the market store. Others remain.

Copyright notice

© André N. Klingsheim and www.dotnetnoob.com, 2009-2015. Unauthorized use and/or duplication of this material without express and written permission from this blog’s author and/or owner is strictly prohibited. Excerpts and links may be used, provided that full and clear credit is given to André N. Klingsheim and www.dotnetnoob.com with appropriate and specific direction to the original content.

Read other popular posts