RE: RDP over the internet

[Juha Jurvanen <juha.jurvanen () redcloud se>]

Hi guys,

Here's actually a piece of software to handle bruteforce attempts on RDP (and also Exchange servers OWA, SMTP and so on 
). Of course it can't handle for instance a pre authentication bug but if there is a login attempot recorded by the 
server it will be handled according to rules set by the system administrator. We did try some scripts in .vbs and 
powershell and some other stuff but we wanted better mail reporting and better rule management than they could offer
We've used it for quite some time now and it has decreased our administrative tasks. Sorry of it sounds too "salesy" 
but I really like it . It's called Sysepace and can be found at http://www.syspeace.com 


Regards /Juha Jurvanen        www.redcloud.se 


-----Original Message-----
From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of Alex Fiuvertiz
Sent: den 14 mars 2012 14:42
To: Mike Hale
Cc: William Baltas; mariofa88 () gmail com; security-basics () securityfocus com
Subject: Re: RDP over the internet

I remember this old conversation. New light perhaps?

2012/1/10 Mike Hale <eyeronic.design () gmail com>:
> "Don't leave port 3389 open on the Internet at all, the port is much
> too vulnerable."
>
> Explain.  What unpatched vulnerabilities for RDP exist in Server 2008?

http://www.securityfocus.com/bid/52353


/ Alex

------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------


------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate.  We look at how SSL works, how 
it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, 
install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are 
highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442f727d1
------------------------------------------------------------------------