Security Basics mailing list archives

Re: RDP over the internet

From: Matias Katz <matias () matiaskatz com>
Date: Tue, 10 Jan 2012 14:38:06 -0300

Hi Mario,

If you do things right, you shouldn't feel insecure about leaving a TS
server out there.

The main things you should configure are:

1) Full security, at the TS Server side
2) Client certificates for host authentication
3) A special GPO/AD group (if applicable) for TS users that cuts away
all major interactions with the server/network
4) A high port for the service to listen on (this may require some
low-level registry config, I recommend surfing the web to get the
procedure).
5) Of course, you should complement all of this with a good set of
prevention tools, like Firewall, NIDS and Antivirus.

Best,


Matias Katz

Mail: matias () matiaskatz com
GPG:  0x8C7C3B7E
TW:   @matiaskatz
Blog: www.matiaskatz.com

Buenos Aires, Argentina

On 10/01/12 14:22, mariofa88 () gmail com wrote:

Hi all I would like to know what are your opinions of using RDP over the internet on a Windows 2008 R2 server? Are 
there any major known exploits or vulnerabilities? How safe is the server with having port 3389 open to the internet.

Rgds,
Mario

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, 
how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, 
purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for 
set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital 
certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------

Current thread:

RDP over the internet mariofa88 (Jan 10)
- Re: RDP over the internet Matias Katz (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- RE: RDP over the internet William Baltas (Jan 10)
  - Re: RDP over the internet Mike Hale (Jan 10)
    - RE: RDP over the internet Dimitrios Hilton (Jan 10)
    - Re: RDP over the internet Ricardo Ferreira (Jan 10)
    - Re: RDP over the internet Mike Hale (Jan 10)
    - Re: RDP over the internet Ansgar Wiechers (Jan 10)
    - Re: RDP over the internet joseph (Jan 10)
    - Re: RDP over the internet Andre Silaghi (Jan 10)
    - Re: RDP over the internet Lee Fisher (Jan 10)

(Thread continues...)