Security Basics mailing list archives
Re: RDP over the internet
From: "security () stealthnodes com" <security () stealthnodes com>
Date: Tue, 10 Jan 2012 14:05:00 -0800
On 12-01-10 11:29 AM, Ansgar Wiechers wrote:
Very true Ansgar however, obscurity does allow a open window in time for what is needed to gain more data and better secure your perimeter so instead of looking at it as obscurity, you can look at it as buying yourself seconds more which can play a critical part at the end.On 2012-01-10 joseph () itsec-asia com wrote:3389 is a RDP, if attacker find open port on 3389 they can guessing is a RDP running on the host (server). Actually Win Server 2008 (equivalent) has a RDP with good encryption. But, This is not enough to securing your RDP Connections. My very best practice are just changing your RDP Port number ..Obscurity is never even a good, much less a best security practice. If a service is vulnerable, it's vulnerable on any port you make it listen on. Regards Ansgar Wiechers
of course if you simply stop at obscurity then you are simply fooling yourself into thinking you are secure (you instended as the general public, not you)
-Payam ------------------------------------------------------------------------ Securing Apache Web Server with thawte Digital Certificate In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates. http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1 ------------------------------------------------------------------------
Current thread:
- RE: RDP over the internet, (continued)
- RE: RDP over the internet William Baltas (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- RE: RDP over the internet Dimitrios Hilton (Jan 10)
- Re: RDP over the internet Ricardo Ferreira (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet joseph (Jan 10)
- Re: RDP over the internet Andre Silaghi (Jan 10)
- Re: RDP over the internet Lee Fisher (Jan 10)
- Re: RDP over the internet Mike Hale (Jan 10)
- Re: RDP over the internet Ansgar Wiechers (Jan 10)
- Re: RDP over the internet security () stealthnodes com (Jan 10)
- RE: RDP over the internet William Baltas (Jan 10)
- Re: RDP over the internet synja (Jan 12)
- R: RDP over the internet Webstyler.it (Jan 12)