
How secure is Remote Desktop?

jelifah

Senior member
So I understand the nuances of setting up Remote Desktop for Windows XP, but does it open me up for more attacks than a normal Internet user? Currently I am surfing the net behind a Linksys Router, so I know I am open to some degree, but what additional security exploits/concerns/hacks should I be worried about if I start running Remote Desktop? Specifically open ports...

For example, I'm a big fan of WarCraft 3 and to host games I had to open a port on the router to allow people to connect.

When you open a port for a game does the computer only respond to activity from that port if it is for that particular game, or is it basically open season for any activity on that port? If it's the latter, what's to stop evildoers from just running an Internet scan on a lot of machines to abuse commonly used ports, like WarCraft 3's 6112 & Remote Desktop, and doing their deeds?

 
If the port is "open" that means that software can listen/use that port. If there is no S/W running for that, there shouldn't be a problem.

As far as Remote Desktop, there are a few things that (imho) make it safe for use.
1. Change default port. Make them guess what's listening to the port
2. Disable/delete unnecessary/unused user accounts
3. Enforce good passwords (6+ digits, uppercase + lowercase, alphanumeric required, etc)


That would make you fairly safe from most of the script kiddies.
 
Clarifying question:

If I open up port 6112 on the router while WarCraft 3 isn't running, and data is sent on that port from the web to the router, then the router has nowhere to send the data? Or does the data packet get sent from the router to the computer, at which point the computer doesn't know what to do with it and chucks it back to the router? Couldn't bad stuff be packaged with the data?

What if I opened up Port 80? Would I still be secure as long as I didn't venture outside the standard realm of google and gmail?

My general fear is that the following is possible: A script kiddie sees an open port, ANY open port, and from there can install the evil nasty spam/virus/keyboard logger all without me having a clue. The media would have me believe that script kiddies just tunnel through networks at will the moment you open a port. Is this me just being uninformed and ignorant?
 
Here's a little explanation of how NAT routers typically work. They generally block all incoming connections (which is why you had to open them to host a game). They typically do not block any outgoing connections. So you can usually play on someone else's hosted game no problem. Once a connection through a port is initiated from your computer to someone else, it will then leave that connection open to transfer stuff back and forth. Same with web browsing (which is port 80 usually). This is why you don't need to port forward port 80. If I go to google.com it initiates a connection to them and the router then allows a response from google.com to travel back to me. If the website hackmenow.com tries to get in, they can't because you have not initiated a connection with them.

Now as for opening up ports and having trouble. Well, it depends on the port. If it's Warcraft 3, and nothing else is listening on that port, it shouldn't matter.

If it's that port for those viruses that reboot your computer on computers that are not running XP SP2, then that virus can get into your computer through that special port, I forget the number.

Remote desktop port, well there are some exploits out with that recently. I would close that until it's fixed.

"what's to stop evildoers from just running an Internet scan on a lot of machines to abuse commonly used ports, like WarCraft 3's 6112 & Remote Desktop, and doing their deeds? "
Nothing at all. In fact that's how MANY machines get compromised. Automatic scans of ranges of IP addresses trying ports of known vulnerabilities, often they are only vulnerable on unpatched machines. Except the Warcraft 3 port probably doesn't have any other software listening on it, so it's probably ok.


So basically if no software is listening on the port, you normally can't get compromised. Unfortunately the Windows OS likes to listen to a whole range of ports for various reasons.
 
Obviously I'm patched up, and I understand that unreported security stuff could still get me.

But my concern about opening a port for RDP is unfounded?

I guess a lot of my concern is just that since I'm opening up my machine for remote access that someone could get in a backdoor beyond cracking my pw.
 
I prefer to use ssh and pipe VNC through that.

Ports are not exploited; software is. You can have 100 ports open, but if no software is listening to those ports on your computer you have 0 vulnerabilities. If you have created a mapping for a port to a certain computer, the router will forward this data on this port to that computer in ALL cases. The computer will simply ignore the data if no software is there to hear it.
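
Added example, not part of the original thread or any poster's code: a loopback-only Python check of the point made in the replies above, that a port only becomes reachable attack surface while some software is listening on it. The function names `probe` and `demo` are made up for this illustration, and the sketch assumes a host where the OS refuses connections to ports with no listener.

```python
import socket

def probe(host, port, timeout=1.0):
    """Classify a TCP port as seen from the connecting side."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"      # some software accepted the connection
    except ConnectionRefusedError:
        return "closed"        # packet reached the host, nothing listening
    except OSError:
        return "filtered"      # no answer, e.g. dropped by a router/firewall

def free_port():
    """Ask the OS for a currently unused loopback port number."""
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

def demo():
    """Probe one port before, during and after a listener exists."""
    port = free_port()
    before = probe("127.0.0.1", port)          # no software on the port

    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.setsockopt(socket.SOL_SOCKET, socket.SO_REUSEADDR, 1)
    listener.bind(("127.0.0.1", port))
    listener.listen(1)                         # stand-in for a game or RDP service
    during = probe("127.0.0.1", port)

    listener.close()                           # service stopped
    after = probe("127.0.0.1", port)
    return before, during, after

if __name__ == "__main__":
    print(demo())
```

Running `probe` against your own machine's forwarded ports shows which ones have software behind them; those services are what need patching and strong passwords.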
 