Security Basics mailing list archives

Re: RDP over the internet


From: "security () stealthnodes com" <security () stealthnodes com>
Date: Tue, 10 Jan 2012 14:05:00 -0800

On 12-01-10 11:29 AM, Ansgar Wiechers wrote:
> On 2012-01-10 joseph () itsec-asia com wrote:
>> 3389 is RDP; if an attacker finds an open port on 3389, they can guess
>> that RDP is running on the host (server).
>>
>> Actually Win Server 2008 (equivalent) has an RDP with good encryption.
>>
>> But,
>>
>> This is not enough to secure your RDP connections. My very best
>> practice is just changing your RDP port number ..
>
> Obscurity is never even a good, much less a best security practice. If a
> service is vulnerable, it's vulnerable on any port you make it listen
> on.
>
> Regards
> Ansgar Wiechers

Very true, Ansgar; however, obscurity does allow an open window in time for what is needed to gain more data and better secure your perimeter, so instead of looking at it as obscurity, you can look at it as buying yourself seconds more, which can play a critical part at the end.

Of course, if you simply stop at obscurity, then you are simply fooling yourself into thinking you are secure (you intended as the general public, not you).

-Payam
