Security Basics mailing list archives
RE: RDP over the internet
From: Juha Jurvanen <juha.jurvanen () redcloud se>
Date: Wed, 18 Jul 2012 11:53:43 +0200
Hi guys, Here's actually a piece of software to handle bruteforce attempts on RDP (and also Exchange servers OWA, SMTP and so on ). Of course it can't handle for instance a pre authentication bug but if there is a login attempot recorded by the server it will be handled according to rules set by the system administrator. We did try some scripts in .vbs and powershell and some other stuff but we wanted better mail reporting and better rule management than they could offer We've used it for quite some time now and it has decreased our administrative tasks. Sorry of it sounds too "salesy" but I really like it . It's called Sysepace and can be found at http://www.syspeace.com Regards /Juha Jurvanen www.redcloud.se -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Alex Fiuvertiz Sent: den 14 mars 2012 14:42 To: Mike Hale Cc: William Baltas; mariofa88 () gmail com; security-basics () securityfocus com Subject: Re: RDP over the internet I remember this old conversation. New light perhaps? 2012/1/10 Mike Hale <eyeronic.design () gmail com>:
"Don't leave port 3389 open on the Internet at all, the port is much too vulnerable." Explain. What unpatched vulnerabilities for RDP exist in Server 2008?
http://www.securityfocus.com/bid/52353 / Alex ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------ ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: RDP over the internet Juha Jurvanen (Jul 18)