Security Basics mailing list archives

Re: RDP over the internet

From: joseph () itsec-asia com
Date: Tue, 10 Jan 2012 18:46:43 +0000

Hi, 

3389 is a RDP, if attacker find open port on 3389 they can guessing is a RDP running on the host (server).

Actually Win Server 2008 (equivalent) has a RDP with good encryption. 

But,

This is not enough to securing your RDP Connections. My very best practice are just changing your RDP Port number  .. 

##sory for my bad english##


Sent from my BlackBerry® smartphone from Sinyal Bagus XL, Nyambung Teruuusss...!

-----Original Message-----
From: Mike Hale <eyeronic.design () gmail com>
Sender: listbounce () securityfocus com
Date: Tue, 10 Jan 2012 10:00:09 
To: William Baltas<bill.baltas () cleanwaterteam com>
Cc: mariofa88 () gmail com<mariofa88 () gmail com>; security-basics () securityfocus com<security-basics () 
securityfocus com>
Subject: Re: RDP over the internet

"Don't leave port 3389 open on the Internet at all, the port is much
too vulnerable."

Explain.  What unpatched vulnerabilities for RDP exist in Server 2008?

Why is it more secure to provide your credentials to a third party and
to install a third party client on your machine?

On Tue, Jan 10, 2012 at 9:47 AM, William Baltas
<bill.baltas () cleanwaterteam com> wrote:

Mario,  Don't leave port 3389 open on the Internet at all, the port is much too vulnerable.  If you need to perform 
remote administration, do this through a VPN tunnel or use a third party service such as gotomypc.

Good Luck,
Bill

-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of mariofa88 () gmail com
Sent: Tuesday, January 10, 2012 9:22 AM
To: security-basics () securityfocus com
Subject: RDP over the internet

Hi all I would like to know what are your opinions of using RDP over the internet on a Windows 2008 R2 server? Are 
there any major known exploits or vulnerabilities? How safe is the server with having port 3389 open to the internet.

Rgds,
Mario

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------




-- 
09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

RDP over the internet mariofa88 (Jan 10)
- Re: RDP over the internet Matias Katz (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- RE: RDP over the internet William Baltas (Jan 10)
  - Re: RDP over the internet Mike Hale (Jan 10)
    - RE: RDP over the internet Dimitrios Hilton (Jan 10)
    - Re: RDP over the internet Ricardo Ferreira (Jan 10)
    - Re: RDP over the internet Mike Hale (Jan 10)
    - Re: RDP over the internet Ansgar Wiechers (Jan 10)
    - Re: RDP over the internet joseph (Jan 10)
    - Re: RDP over the internet Andre Silaghi (Jan 10)
    - Re: RDP over the internet Lee Fisher (Jan 10)
    - Re: RDP over the internet Ansgar Wiechers (Jan 10)
    - Re: RDP over the internet security () stealthnodes com (Jan 10)
  - RE: RDP over the internet Dimitrios Hilton (Jan 10)
- Re: RDP over the internet William Söderberg (Jan 10)
- RE: RDP over the internet David Gillett (Jan 10)
- Re: RDP over the internet Hosts Deny (Jan 11)
  - Re: RDP over the internet synja (Jan 12)
- <Possible follow-ups>
- Re: RDP over the internet Savvy95 (Jan 10)

(Thread continues...)