How secure is Remote Desktop (server side?)

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Just wondering if anyone is confident enough to open up port 3389 for Remote Desktop, so you could access your machine from anywhere. Any known security issues?
 

Rilex

Senior member
Sep 18, 2005
447
0
0
The only suggestion is to put a login banner to prevent brute-force attacks. Other than that, RDP is secure.
 

Zugzwang152

Lifer
Oct 30, 2001
12,134
1
0
Opening 3389 to the Internet is probably a bad idea. By default it does use 128-bit RC4 encryption, but apparently man in the middle attacks are still possible.

http://www.oxid.it/downloads/rdp-gbu.pdf is a brief description of the problem, or Google for "microsoft remote desktop security" for a plethora of information.
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
OK.. then would you recommend changing the port RDP listens on, to something else (in the ten-thousands?) Or maybe a different solution such as Ultr@VNC or TightVNC?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: MDesigner
OK.. then would you recommend changing the port RDP listens on, to something else (in the ten-thousands?) Or maybe a different solution such as Ultr@VNC or TightVNC?

No. Changing the port doesn't make it secure. VNC has the same issues, so does SSH. Restricting the service is a good start on defending the system.

If you want something better, use a VPN.
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Changing the port doesn't make it secure but it makes it harder to find. If RDP is customized to run on port 38057, what are the chances someone is going to find it? And what do you mean by "restricting the service"?
 

Zugzwang152

Lifer
Oct 30, 2001
12,134
1
0
Originally posted by: n0cmonkey
Originally posted by: MDesigner
OK.. then would you recommend changing the port RDP listens on, to something else (in the ten-thousands?) Or maybe a different solution such as Ultr@VNC or TightVNC?

No. Changing the port doesn't make it secure. VNC has the same issues, so does SSH. Restricting the service is a good start on defending the system.

If you want something better, use a VPN.

Are we talking about a home computer or for business use?
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: MDesigner
Changing the port doesn't make it secure but it makes it harder to find. If RDP is customized to run on port 38057, what are the chances someone is going to find it?

It's easy. nmap is fast.

And what do you mean by "restricting the service"?

Use a firewall to restrict the IPs someone can connect to it from.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Changing the port doesn't make it secure but it makes it harder to find.

No it doesn't, nmap service version detection can identify it on any port.

If RDP is customized to run on port 38057, what are the chances someone is going to find it? And what do you mean by "restricting the service"?

If they want to attack your machine specifically, 100%.
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
Is nmap a port scanner? I'd like to hear how someone can determine what port I'm running Remote Desktop on, if all they know is my IP.
 

Nothinman

Elite Member
Sep 14, 2001
30,672
0
0
Is nmap a port scanner? I'd like to hear how someone can determine what port I'm running Remote Desktop on, if all they know is my IP.

Yes, download it and try it.
 

MDesigner

Platinum Member
Apr 3, 2001
2,016
0
0
I can't run it on myself for whatever reason.. but I get the point. I ran it on the machine that hosts my web site, and it very quickly came back with plenty of ports.

Let me ask you this, then, regarding securing ports.. is there some kind of Windows software I can run that will only allow connections to certain ports based on the originator's IP address? My router uses the dd-wrt firmware.. it would be kinda nice if they eventually implemented such a feature.
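One way to do what is being asked for here with the built-in Windows Firewall, as an added example that is not from the thread. It assumes the NetSecurity cmdlets (Windows 8 / Server 2012 and later) and uses constructed placeholder addresses for the allowed clients.

```powershell
# Added example, not from the thread: scope the inbound RDP listener to a fixed set of
# source addresses with the built-in Windows Firewall (NetSecurity cmdlets, Windows 8 /
# Server 2012 and later). Run from an elevated PowerShell prompt.
$rdpPort        = 3389                                    # change if RDP listens elsewhere
$allowedSources = @('203.0.113.10', '198.51.100.0/24')    # constructed placeholder addresses

# 1. Make sure unsolicited inbound traffic is dropped unless a rule allows it.
Set-NetFirewallProfile -Profile Domain,Private,Public -DefaultInboundAction Block

# 2. Narrow the built-in "Remote Desktop" allow rules from "Any" to the listed sources.
#    Block rules win over allow rules in Windows Firewall, so scope the allow rules
#    rather than adding a separate block rule that would also cut off your own clients.
Set-NetFirewallRule -DisplayGroup 'Remote Desktop' -Enabled True -RemoteAddress $allowedSources

# 3. If RDP runs on a non-standard port, the built-in rules do not cover it; add a scoped rule.
if ($rdpPort -ne 3389) {
    New-NetFirewallRule -DisplayName "RDP $rdpPort - allowed sources only" `
        -Direction Inbound -Protocol TCP -LocalPort $rdpPort `
        -RemoteAddress $allowedSources -Action Allow -Profile Any
}

# 4. Verify: every enabled inbound allow rule for the RDP port should show a restricted
#    remote-address scope, never "Any".
Get-NetFirewallPortFilter |
    Where-Object { $_.Protocol -eq 'TCP' -and $_.LocalPort -eq "$rdpPort" } |
    Get-NetFirewallRule |
    Where-Object { $_.Enabled -eq 'True' -and $_.Direction -eq 'Inbound' } |
    ForEach-Object {
        $scope = ($_ | Get-NetFirewallAddressFilter).RemoteAddress -join ', '
        '{0,-45} {1,-6} remote: {2}' -f $_.DisplayName, $_.Action, $scope
    }
```

Apply the same source restriction to the port forward on the dd-wrt router as well; the host rule only takes effect once traffic has already reached the machine, so the two layers are independent.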
 

Penth

Senior member
Mar 9, 2004
933
0
0
Originally posted by: SleepWalkerX
Take a look at Hamachi maybe. It's pretty cool.

QFT. Hamachi is great for setting up a simple, secure VPN. You don't have to open any ports. For best results, look into setting it up as a service.
 

Cynicist

Senior member
Nov 27, 2004
512
0
0
Originally posted by: Penth
Originally posted by: SleepWalkerX
Take a look at Hamachi maybe. It's pretty cool.

QFT. Hamachi is great for setting up a simple, secure VPN. You don't have to open any ports. For best results, look into setting it up as a service.


It's fast and very secure; I would recommend it to anyone looking for a VPN.
 

Zugzwang152

Lifer
Oct 30, 2001
12,134
1
0
Originally posted by: n0cmonkey
Originally posted by: Zugzwang152
Are we talking about a home computer or for business use?

It shouldn't really matter, setting up a VPN appears to be quick and easy.

Hence why I asked. Who's gonna set up 2 different boxes as VPN gateways for a single home computer? Makes no sense whatsoever.
 

n0cmonkey

Elite Member
Jun 10, 2001
42,936
1
0
Originally posted by: Zugzwang152
Originally posted by: n0cmonkey
Originally posted by: Zugzwang152
Are we talking about a home computer or for business use?

It shouldn't really matter, setting up a VPN appears to be quick and easy.

Hence why I asked. Who's gonna set up 2 different boxes as VPN gateways for a single home computer? Makes no sense whatsoever.

This is a tech site. If you only have one computer you don't belong here. ;)
 

Zugzwang152

Lifer
Oct 30, 2001
12,134
1
0
Originally posted by: n0cmonkey
Originally posted by: Zugzwang152
Originally posted by: n0cmonkey
Originally posted by: Zugzwang152
Are we talking about a home computer or for business use?

It shouldn't really matter, setting up a VPN appears to be quick and easy.

Hence why I asked. Who's gonna set up 2 different boxes as VPN gateways for a single home computer? Makes no sense whatsoever.

This is a tech site. If you only have one computer you don't belong here. ;)

:Q
 

spyordie007

Diamond Member
May 28, 2001
6,229
0
0
Originally posted by: Zugzwang152
Opening 3389 to the Internet is probably a bad idea. By default it does use 128-bit RC4 encryption, but apparently man in the middle attacks are still possible.

http://www.oxid.it/downloads/rdp-gbu.pdf is a brief description of the problem, or Google for "microsoft remote desktop security" for a plethora of information.

For business use, RDP alone is generally not considered "secure enough".

However mounting a successful man in the middle attack against RDP requires a fairly high level of knowledge by someone who has singled you out for attack. Since this is an unmanaged environment I feel compelled to point out that if someone knowledgeable really has it in for you it's most likely that they would be able to perform an easier attack than this (lowest-hanging fruit).

What do I do for my computer at home? I allow RDP so I can connect to my computer at home, then just restrict the addresses that can connect to it through my firewall. I do run it on a non-standard port, but that's because I used to run another box on 3389 and I haven't changed since.

What do I do at work? RDP over L2TP/IPSec VPN.

And for those of you who do want to argue technical semantics: if someone can perform successful DNS spoofing, who cares if they do a MITM attack at all. All they would need to do is prompt for your username and password and wait for you to give them your credentials; from there they could just give you some generic error message and disconnect, and perform all sorts of fun things now that they have your credentials. This is why in managed environments it's so important to control network services: if you don't have security at the lower levels, ensuring security at the application level is much harder.

Just trying to put this all in a practical light for the OP.
 

Dravic

Senior member
May 18, 2000
892
0
76
Originally posted by: Seeruk
Originally posted by: n0cmonkey
This is a tech site. If you only have one computer you don't belong here. ;)

:D Funny but true :)

lol.. very true

I'm about to pick through the bone yard now in order to rebuild my now defunct k2-500 smoothwall box.