Firewall Wizards mailing list archives
RE: Using RDP Port 3389
From: "Spencer D'oro" <sdoro () comcast net>
Date: Wed, 21 Apr 2004 08:01:27 -0700
Onto Remote Administrator. I assume you are referring to the specific program by Famatech. I have used copies of this program several times. It has an intuitive interface, and is easily configurable, and for security, uses 128-bit encryption for all data stream. RAdmin can also be set for single password authentication, or it can use the built-in NT authentication. The latest version (2.1) also ties into the Event Log. I like this product, and would recommend it to anyone. Just follow best practices. Change the default port number, use IP filtering, etc. These are also configurable within RAdmin. That's my $.02. Spencer, MCP -----Original Message----- From: firewall-wizards-admin () honor icsalabs com [mailto:firewall-wizards-admin () honor icsalabs com] On Behalf Of Melson, Paul Sent: Monday, April 19, 2004 8:19 AM To: Chuck Vose Cc: woodse () vra net; firewall-wizards () honor icsalabs com Subject: RE: [fw-wiz] Using RDP Port 3389
-----Original Message----- There are also other methods of remote access. Coming from *nix there's VNC (many varieties, some of which work for windows as well) and there's Remote Administrator. I can't speak for the security of RA, but I know VNC has been looked at many a time and at it's current state is pretty secure.
Actually, I think that VNC could be worse than Terminal Services from a security point of view. First, its logging is awful. Second, it can only be secured by a single password. Since everyone allowed to use VNC would know the same password, this doesn't meet the standard for authentication. Third, it gives the remote user the console. If left logged in, the only thing between a malicious user and eavesdropping or major destruction is a single password that can't be locked-on-failure, so it *can* be brute-forced. There may not be any 0d4y-spl01tz for VNC at the moment, but IMHO, it suffers from some design flaws that make it less than secure. That said, I use VNC with my systems at home. But this traffic is always tunneled via SSH across the Internet. PaulM _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards _______________________________________________ firewall-wizards mailing list firewall-wizards () honor icsalabs com http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Current thread:
- Using RDP Port 3389 woodse (Apr 08)
- <Possible follow-ups>
- RE: Using RDP Port 3389 Melson, Paul (Apr 16)
- RE: Using RDP Port 3389 Chuck Vose (Apr 20)
- RE: Using RDP Port 3389 Melson, Paul (Apr 21)
- RE: Using RDP Port 3389 Chuck Vose (Apr 21)
- RE: Using RDP Port 3389 R. DuFresne (Apr 22)
- RE: Using RDP Port 3389 Josh Welch (Apr 22)
- RE: Using RDP Port 3389 Spencer D'oro (Apr 22)
- RE: Using RDP Port 3389 Chuck Vose (Apr 21)
- RE: Using RDP Port 3389 Justin C. Laporte (Apr 27)
- RE: Using RDP Port 3389 Melson, Paul (Apr 27)
- Security through Obscurity [was RE: Using RDP Port 3389] Gwendolynn ferch Elydyr (Apr 27)
- Re: Security through Obscurity [was RE: Using RDP Port 3389] Elizabeth Zwicky (Apr 28)
- Security through Obscurity [was RE: Using RDP Port 3389] Gwendolynn ferch Elydyr (Apr 27)