Security Basics mailing list archives
Re: RDP over the internet
From: Ansgar Wiechers <bugtraq () planetcobalt net>
Date: Tue, 10 Jan 2012 20:27:48 +0100
On 2012-01-10 Ricardo Ferreira wrote:
On 10-01-2012 16:00, Mike Hale wrote:"Don't leave port 3389 open on the Internet at all, the port is much too vulnerable." Explain. What unpatched vulnerabilities for RDP exist in Server 2008? Why is it more secure to provide your credentials to a third party and to install a third party client on your machine?Answers to your questions... http://technet.microsoft.com/en-us/security/bulletin/MS09-044 http://technet.microsoft.com/en-us/security/bulletin/ms11-017 http://technet.microsoft.com/en-us/security/bulletin/ms11-065
Which part of "unpatched" did you fail to understand? Not to mention that it certainly doesn't explain AT ALL why anyone in his right mind would want to trust his credentials to a third party. Regards Ansgar Wiechers -- "All vulnerabilities deserve a public fear period prior to patches becoming available." --Jason Coombs on Bugtraq ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RDP over the internet mariofa88 (Jan 10)
- Re: RDP over the internet Matias Katz (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- RE: RDP over the internet William Baltas (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- RE: RDP over the internet Dimitrios Hilton (Jan 10)
- Re: RDP over the internet Ricardo Ferreira (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet joseph (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- Re: RDP over the internet Lee Fisher (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet security () stealthnodes com (Jan 10)
- Re: RDP over the internet synja (Jan 12)