×
INTELLIGENT WORK FORUMS
FOR COMPUTER PROFESSIONALS

Log In

Come Join Us!

Are you a
Computer / IT professional?
Join Tek-Tips Forums!
  • Talk With Other Members
  • Be Notified Of Responses
    To Your Posts
  • Keyword Search
  • One-Click Access To Your
    Favorite Forums
  • Automated Signatures
    On Your Posts
  • Best Of All, It's Free!
  • Students Click Here

*Tek-Tips's functionality depends on members receiving e-mail. By joining you are opting in to receive e-mail.

Posting Guidelines

Promoting, selling, recruiting, coursework and thesis posting is forbidden.

Students Click Here

RDP Security

RDP Security

RDP Security

(OP)
I have an MPLS network managed by one of the large providers.

During installation we made provisions to assign one of my Public IPs to one of my LAN servers to be accessed via RDP.

I have read mixed reviews about the security of this.  I have a VERY strong Admin password.

Am I leaving a door open for network attacks?

Thank you,


 

RE: RDP Security

(OP)
I just read that I should change the port to something other than the default port.

RE: RDP Security

To be honest, I don't think I know a whole lot about your particular setup, specifically an RDP.  However, based on your other comments, I do have some generalized recommendations.

First, changing the port is a common recommendation.  Unfortunately, it is like resisting the Borg, futile.  The only thing that it does for you is to cut down on the 'noise' from the script kiddies, which in a properly designed system aren't a threat anyway.  It will take roughly 30 seconds to run a port scan against your IP to see that the port has been moved.

Second, in general, don't open any ports that you don't have to.  Of course to provide services you need to.  Open only these ports and do so through a firewall router.

Third, make sure the application and your kernel remain up to date.  Exploits are discovered and corrected and by keeping things up to date you minimize the risk of being vulnerable to an old attack.

Fourth, if you application allows it, using "keys" or certificates instead of passwords is MUCH better.  Along these lines, if possible restrict the range of IP addresses, or domains allowed to connect.

Fifth, use programs such as deny hosts or fail2ban that will recognize invalid access attempts and temporarily block the offending IP address.  This is usually enough to make them go away.

Sixth, restrict the level of access that can be achieved by the remote connection if at all possible.

That about sums it up.  If nothing else, do use very strong passwords.  The longer the better and do NOT use dictionary words and be sure to use not only numbers but also symbols too, which it sounds like you have done.

If you are really paranoid, you can install a network and host based intrusion detection system, but you will need to take the time to install it.

Lastly, keep your eyes open for signs of an intrusion.  If you see something suspicious, investigate but don't panic.
 

RE: RDP Security

To add to Noway2 you would be better off having a VPN setup.  This way your outside users have an encrypted connection and you have a more secure network.   

Red Flag This Post

Please let us know here why this post is inappropriate. Reasons such as off-topic, duplicates, flames, illegal, vulgar, or students posting their homework.

Red Flag Submitted

Thank you for helping keep Tek-Tips Forums free from inappropriate posts.
The Tek-Tips staff will check this out and take appropriate action.

Reply To This Thread

Posting in the Tek-Tips forums is a member-only feature.

Click Here to join Tek-Tips and talk with other members! Already a Member? Login

Close Box

Join Tek-Tips® Today!

Join your peers on the Internet's largest technical computer professional community.
It's easy to join and it's free.

Here's Why Members Love Tek-Tips Forums:

Register now while it's still free!

Already a member? Close this window and log in.

Join Us             Close