Re: Is RDP Safe

From: "SuperGumby [SBS MVP]" <not@xxxxxxxxxxx>
Date: Sat, 3 Mar 2007 21:27:27 +1100

very little difference but theoretically someone could perform a brute force
attack against the TS port. (TSGrinder?)

There is the thought that 'less ports open, less attack points' you probably
want HTTPS for other reasons (OWA/OMA/RPCoverHTTPS) and if RWW is the only
method used then the RDP proxy port (4125) is only opened, to the specific
requesting IP address, after authentication via SSL.

"Jelly26" <Jelly26@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:D4036A8F-70CE-4774-8361-3D75A1942394@xxxxxxxxxxxxxxxx

Is loggin to SBS throgh Remote Desktop Connection safe, which seems to be
less step than rww. I opened just port 3389 on router and enter the ip
address , goes to sbs machine straightway. What security risks are there?

Prev by Date: Re: Sharing the ADSL router with a second "network"
Next by Date: Re: Sharing the ADSL router with a second "network"
Previous by thread: Sharing the ADSL router with a second "network"
Next by thread: Re: Is RDP Safe
Index(es):
- Date
- Thread

Relevant Pages

RE: Strange loopback in firefox.
... described as heavy attack from outside IP addresses. ... either using the Microsoft_DS port or epmap port to connect). ... For example a connection from port 3014 to 3015 and the next ... to facilitate one-on-one interaction with one of our expert instructors. ...
(Security-Basics)
FW: Legal? Road Runner proactive scanning.[Scanned]
... You consider a port scan to be an attack? ... to facilitate one-on-one interaction with one of our expert instructors. ... Attend a course taught by an expert instructor with years of in-the-field ...
(Security-Basics)
Re: SSH server under attack...
... It's highly possible that even though you changed the port, an automated script discovered the new port by probing the ports and matching version numbers, ie: ... the new machine to attack me is 200.55.192.29. ... Failed password for invalid user admin from::ffff:200.55.192.29 port ...
(Security-Basics)
SSH server under attack...
... OK...within a few hours the server was being attacked again on port 2222. ... The router/firewall logs dont show any dropped packets sent to port 22 so he changed the port of the attack script. ... I scanned the machine and found that it is hosting a webserver Server at www.springs.cl) among other services. ... Invalid user admin from::ffff:200.55.192.29 Failed password for invalid user admin from::ffff:200.55.192.29 port ...
(Security-Basics)
Vulnerability Scan 200.127.113.193, 69.93.128.17
... Two attackers initiated a mass vulnerability scan. ... GET requests on port 80 ... This attack was foreshadowed by a recon probe by A1 on 2004/20/29. ... The URIs requested are all over the place as far as target environment. ...
(Incidents)