Security Basics mailing list archives
Re: RDP over the internet
From: joseph () itsec-asia com
Date: Tue, 10 Jan 2012 18:46:43 +0000
Hi, 3389 is a RDP, if attacker find open port on 3389 they can guessing is a RDP running on the host (server). Actually Win Server 2008 (equivalent) has a RDP with good encryption. But, This is not enough to securing your RDP Connections. My very best practice are just changing your RDP Port number .. ##sory for my bad english## Sent from my BlackBerry® smartphone from Sinyal Bagus XL, Nyambung Teruuusss...! -----Original Message----- From: Mike Hale <eyeronic.design () gmail com> Sender: listbounce () securityfocus com Date: Tue, 10 Jan 2012 10:00:09 To: William Baltas<bill.baltas () cleanwaterteam com> Cc: mariofa88 () gmail com<mariofa88 () gmail com>; security-basics () securityfocus com<security-basics () securityfocus com> Subject: Re: RDP over the internet "Don't leave port 3389 open on the Internet at all, the port is much too vulnerable." Explain. What unpatched vulnerabilities for RDP exist in Server 2008? Why is it more secure to provide your credentials to a third party and to install a third party client on your machine? On Tue, Jan 10, 2012 at 9:47 AM, William Baltas <bill.baltas () cleanwaterteam com> wrote:
Mario, Don't leave port 3389 open on the Internet at all, the port is much too vulnerable. If you need to perform remote administration, do this through a VPN tunnel or use a third party service such as gotomypc. Good Luck, Bill -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of mariofa88 () gmail com Sent: Tuesday, January 10, 2012 9:22 AM To: security-basics () securityfocus com Subject: RDP over the internet Hi all I would like to know what are your opinions of using RDP over the internet on a Windows 2008 R2 server? Are there any major known exploits or vulnerabilities? How safe is the server with having port 3389 open to the internet. Rgds, Mario ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
-- 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0 ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RDP over the internet mariofa88 (Jan 10)
- Re: RDP over the internet Matias Katz (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- RE: RDP over the internet William Baltas (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- RE: RDP over the internet Dimitrios Hilton (Jan 10)
- Re: RDP over the internet Ricardo Ferreira (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet joseph (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- Re: RDP over the internet Lee Fisher (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet security () stealthnodes com (Jan 10)
- Re: RDP over the internet synja (Jan 12)
- <Possible follow-ups>
- Re: RDP over the internet Savvy95 (Jan 10)