Options
Don't allow external RDP to your network!
VPN into a network and then RDP to whatever server you need. Here's a good reason why to block that pesky protocol:
From the “Why use a VPN?” Department. Microsoft RDP flaw announced. ? My EtherealMind
From the “Why use a VPN?” Department. Microsoft RDP flaw announced. ? My EtherealMind
Comments
-
Optionshigherho Member Posts: 882Yea I heard about this, they also came out with a patch or something shortly after. I've been using dame ware when I VPN into my work network from home. I'm also seriously thinking about deploying dameware at work for all the developers to use when they log into the servers instead of RDP when they are at home. Though I doubt management will purchase the extra licenses for it.
-
OptionsSouthSeaPirate Member Posts: 173Yea I heard about this, they also came out with a patch or something shortly after. I've been using dame ware when I VPN into my work network from home. I'm also seriously thinking about deploying dameware at work for all the developers to use when they log into the servers instead of RDP when they are at home. Though I doubt management will purchase the extra licenses for it.
I second DameWare. Using it company wide and very satisfied. Great for Helpdesk. -
OptionsCodeBlox Member Posts: 1,363 ■■■■□□□□□□Hmm, I've currently got my router setup to forward on 3389 to a workstation on my home network from the internet.Currently reading: Network Warrior, Unix Network Programming by Richard Stevens
-
OptionsZartanasaurus Member Posts: 2,008 ■■■■■■■■■□I love Dameware. Looks like they were bought out by Solarwinds recently, which is likely a good thing. We don't allow any external RDP w/o VPN, but we patched all of our servers against this on Friday.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
OptionsZartanasaurus Member Posts: 2,008 ■■■■■■■■■□Hmm, I've currently got my router setup to forward on 3389 to a workstation on my home network from the internet.
I guarantee if you check your security logs you'll see tons of RDP login attempts.Currently reading:
IPSec VPN Design 44%
Mastering VMWare vSphere 5 42.8% -
OptionsJ_86 Member Posts: 262 ■■□□□□□□□□I did an "experiment" once and let RDP into my home network on a box with nothing on it for a few hours. There were over a thousand attempts to login. Its just a bad idea to let the unknown even reach a login screen on your network, but I see it all the time in small networks. VPN solutions are cheap and not all that complicated to setup for a small/medium sized users base.
l'LL echo dameware, we use it on every computer in our network. Very handy. -
OptionsJockVSJock Member Posts: 1,118Found some more info about RDP attacks from securitytube.com
Defcon 19 - Bosses Love Excel, Hackers Too.
Also making the rounds in the blogsphere:
The Risks of Remote Desktop for Access Over the Internet
Hackers Offer Bounty for Windows RDP Exploit — Krebs on Security
RDP Flaws Lead Microsoft’s March Patch Batch — Krebs on Security***Freedom of Speech, Just Watch What You Say*** Example, Beware of CompTIA Certs (Deleted From Google Cached)
"Its easier to deceive the masses then to convince the masses that they have been deceived."
-unknown