Security Basics mailing list archives
Re: remote desktop question
From: Alloishus BeauMains <all0i5hu5 () gmail com>
Date: Fri, 21 Oct 2005 22:10:11 -0500
Well, Remote Desktop is fairly secure by itself. It is encrypted traffic, and using local group policies, you can encrypt it up to 256-bit. Only the username is passed in cleartext for transmission. The password and everything else seem to be encrypted.

Still, if it is open to the Internet, it can be exploited. I think with an administrator account, you have 6 tries, and then a lockout occurs for 30 minutes, and then you can try again. So, a brute force attack, although slow, could prove effective. You can set this with group policy as well. While you are at it, enforce strong complexity requirements (at least 6 characters, 3 out of 4 conditions must be met [uppercase, lowercase, special character, number]).

I have always read that a better method is to tunnel RDP either through a VPN, or through SSH. In either case, they provide an additional layer of security that stops everyone from trying to get into the system, and further stops everyone from seeing the remote desktop login.

On 10/21/05, cc <cc () belfordhk com> wrote:
> Dear All,
>
> The company I work with recently required a remote desktop access and to keep the budget down, I used an XP Pro system to receive only one Remote Desktop user.
>
> Since this requires the opening up of a port on the firewall, I'm quite concerned. I have limited the system to only one or two users who can log on.
>
> Since this is my initial foray into the remote desktop client (in the past, we used PCAnywhere, but it's getting more and more expensive (hard to justify purchasing a license for each system)).
>
> In what ways can I protect the remote desktop system from being broken into? (Well, aside from shutting it down.)
>
> Any pointers appreciated.
>
> Edmund
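
An added example, not part of the original post or thread: a small Python model of the lockout and complexity settings the reply mentions, useful for seeing how many password guesses a given policy still admits per day. The figures (6 tries, 30-minute lockout, 6 characters with 3 of 4 character classes) are taken from the reply as assumptions; the names `LockoutPolicy`, `replay_failures`, `guesses_per_day` and `meets_complexity` are hypothetical and the timestamps are constructed.

```python
import string
from dataclasses import dataclass


@dataclass
class LockoutPolicy:
    threshold: int = 6          # failed tries before lockout (figure from the reply)
    duration_s: int = 30 * 60   # lockout length in seconds (figure from the reply)


def replay_failures(policy, attempt_times):
    """Replay failed-logon timestamps (in seconds) against the policy.

    Returns (time, outcome) pairs: 'checked' means the password was actually
    evaluated, 'locked' means the attempt was refused during a lockout.
    Simplification: the failure counter only clears when a lockout expires;
    no separate counter-reset window is modelled.
    """
    outcomes, failures, locked_until = [], 0, None
    for t in sorted(attempt_times):
        if locked_until is not None and t < locked_until:
            outcomes.append((t, "locked"))
            continue
        if locked_until is not None:      # lockout expired, counter starts over
            locked_until, failures = None, 0
        failures += 1
        outcomes.append((t, "checked"))
        if failures >= policy.threshold:
            locked_until = t + policy.duration_s
    return outcomes


def guesses_per_day(policy, attempt_interval_s=1):
    """Evaluated guesses in 24 h against one account retried at a fixed interval."""
    times = range(0, 24 * 3600, attempt_interval_s)   # constructed timestamps
    return sum(1 for _, o in replay_failures(policy, times) if o == "checked")


def meets_complexity(password, min_len=6):
    """At least min_len characters and 3 of 4 classes: upper, lower, digit, special."""
    classes = [
        any(c.isupper() for c in password),
        any(c.islower() for c in password),
        any(c.isdigit() for c in password),
        any(c in string.punctuation for c in password),
    ]
    return len(password) >= min_len and sum(classes) >= 3


if __name__ == "__main__":
    print("guesses admitted per day:", guesses_per_day(LockoutPolicy()))
    print("'Abc12!' passes complexity:", meets_complexity("Abc12!"))
```

Changing `threshold` or `duration_s` shows directly how a stricter policy shrinks the daily guess budget for a port left open to the Internet.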