Penetration Testing mailing list archives
RE: Securing RDP - Is it possible?
From: "Ben Little" <BLittle () skylight com>
Date: Tue, 14 Apr 2009 10:25:36 -0700
You can also use two-factor authentication as a means of helping to secure the authentication process. -----Original Message----- From: listbounce () securityfocus com [mailto:listbounce () securityfocus com] On Behalf Of David Glosser Sent: Tuesday, April 14, 2009 3:38 AM To: Chip Panarchy Cc: pen-test () securityfocus com Subject: Re: Securing RDP - Is it possible? You can configure better authentication and encryption with RDP (for example, http://technet.microsoft.com/en-us/library/cc782610.aspx, http://support.microsoft.com/kb/275727) Also change the RDP listening port to something non-standard. That won't prevent someone finding the port but should make it a little harder to find. On Tue, Apr 14, 2009 at 4:27 AM, Chip Panarchy <forumanarchy () gmail com> wrote:
Hello Is Secure RDP an impossibility? I am now working (WOOT) and they seem to use entirely RDP, almost no
VNC...
This, by my reckoning would make the network most insecure. Would you agree? Or is it possible to Secure RDP? Thanks in advance for sharing ideas on this matter, Panarchy ---------------------------------------------------------------------- -- This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec
Institute's Ethical Hacking class.
Totally hands-on course with evening Capture The Flag (CTF) exercises,
Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience.
http://www.infosecinstitute.com/courses/ethical_hacking_training.html ---------------------------------------------------------------------- --
------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------ ------------------------------------------------------------------------ This list is sponsored by: InfoSec Institute Learn all of the latest penetration testing techniques in InfoSec Institute's Ethical Hacking class. Totally hands-on course with evening Capture The Flag (CTF) exercises, Certified Ethical Hacker and Certified Penetration Tester exams, taught by an expert with years of real pen testing experience. http://www.infosecinstitute.com/courses/ethical_hacking_training.html ------------------------------------------------------------------------
Current thread:
- Securing RDP - Is it possible? Chip Panarchy (Apr 14)
- RE: Securing RDP - Is it possible? Leung, Kevin King Ting (Apr 14)
- RE: Securing RDP - Is it possible? Craig S. Wright (Apr 15)
- Message not available
- Re: Securing RDP - Is it possible? David Glosser (Apr 15)
- RE: Securing RDP - Is it possible? Craig S. Wright (Apr 16)
- RE: Securing RDP - Is it possible? Leung, Kevin King Ting (Apr 14)
- Re: Securing RDP - Is it possible? Parity (Apr 14)
- Re: Securing RDP - Is it possible? Adriel T. Desautels (Apr 14)
- Re: Securing RDP - Is it possible? David Glosser (Apr 14)
- RE: Securing RDP - Is it possible? Ben Little (Apr 14)
- Re: Securing RDP - Is it possible? Parity (Apr 15)
- RE: Securing RDP - Is it possible? Lay, James (Apr 14)
- RE: Securing RDP - Is it possible? Harris, Michael C. (Apr 14)
- RE: Securing RDP - Is it possible? Ben Little (Apr 14)
- Re: Securing RDP - Is it possible? Mark Owen (Apr 14)
- <Possible follow-ups>
- Securing RDP - Is it possible? christopher . riley (Apr 14)