Security Basics mailing list archives
Re: RDP over the internet
From: Matias Katz <matias () matiaskatz com>
Date: Tue, 10 Jan 2012 14:38:06 -0300
Hi Mario, If you do things right, you shouldn't feel insecure about leaving a TS server out there. The main things you should configure are: 1) Full security, at the TS Server side 2) Client certificates for host authentication 3) A special GPO/AD group (if applicable) for TS users that cuts away all major interactions with the server/network 4) A high port for the service to listen on (this may require some low-level registry config, I recommend surfing the web to get the procedure). 5) Of course, you should complement all of this with a good set of prevention tools, like Firewall, NIDS and Antivirus. Best, Matias Katz Mail: matias () matiaskatz com GPG: 0x8C7C3B7E TW: @matiaskatz Blog: www.matiaskatz.com Buenos Aires, Argentina On 10/01/12 14:22, mariofa88 () gmail com wrote:
Hi all I would like to know what are your opinions of using RDP over the internet on a Windows 2008 R2 server? Are there any major known exploits or vulnerabilities? How safe is the server with having port 3389 open to the internet. Rgds, Mario ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RDP over the internet mariofa88 (Jan 10)
- Re: RDP over the internet Matias Katz (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- RE: RDP over the internet William Baltas (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- RE: RDP over the internet Dimitrios Hilton (Jan 10)
- Re: RDP over the internet Ricardo Ferreira (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet joseph (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- Re: RDP over the internet Lee Fisher (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)