
Maximum PC


All times are UTC - 8 hours




 Post subject: RDP Over Web - Am I Secure?
PostPosted: Sat Jul 24, 2010 2:48 pm 
8086

Joined: Sun Aug 16, 2009 11:35 am
Posts: 81
I forwarded port 3389 to my home PC for RDP. Now, if I want to access my PC over the web, I can just type my IP address into Remote Desktop Connection.

It's easy. Too easy. I'm concerned about security. My personal user account on my PC is password-protected, but the other account on my PC isn't.

Now, I'm pretty sure RDP won't let you connect to a remote PC using an account without a password. But better safe than sorry. Is leaving this port open too risky? Can someone access my PC through the password-less account? If so, is there anything I can do to prevent this?

If it helps, I'm running W7 64-bit with Microsoft Security Essentials for Antivirus, Malwarebytes Antimalware (Paid Version) for Anti-Malware, and Windows Firewall.

EDIT: I changed the RDP port number for extra security. What else should I do?


 Post subject: Re: RDP Over Web - Am I Secure?
PostPosted: Fri Sep 17, 2010 2:20 pm 
Little Foot

Joined: Sat Oct 23, 2004 8:43 am
Posts: 112
Depends on your version of Windows. XP and up are encrypted with 128-bit, but up until recently, XP had a vulnerability where, basically, no authentication was used, so for all you know, you may have been encrypting data using a hacker's encryption key.

That being said, such a hacker would have to be on the same network as you, so it's very unlikely that you'll be sniffed.

Vista and 7 are supposedly more secure. You might want to give Cain a shot and see if you can sniff your own traffic:
http://www.irongeek.com/i.php?page=vide ... mitm-sniff

Note that you'll need 3 computers to do this: the client, the server, and the man-in-the-middle PC.


 Post subject: Re: RDP Over Web - Am I Secure?
PostPosted: Thu Sep 23, 2010 9:09 pm 
8086

Joined: Tue Feb 16, 2010 10:04 am
Posts: 90
As Wareagle suggests, the RDP protocol is secure, but the authentication process is not quite as secure (at least the last time I checked). There’s a very slight opportunity for a MITM (Man In The Middle) attack. But that would require perfect timing by someone waiting on the same network for the opportunity. So while it’s highly unlikely to present a problem, we can't say it's 100% safe because of this one minor vulnerability.

Frankly, what I strongly recommend to ppl using ANY remote services is to run them over a VPN (SSH is another option but a bit too complicated for the average user, imo). If you use something like Hamachi ( https://secure.logmein.com/US/products/hamachi2/ ), you never need to worry about ANYTHING you do over the VPN. It will protect ALL your protocols, whether it's Windows file sharing, RDP, VNC, FTP, HTTP, you name it. And it's incredibly easy to set up and use. You just install Hamachi on your remote desktop machine and laptop. The installer creates a virtual network adapter for each, w/ a unique IP address in the 5.x.x.x network. Finally you JOIN those devices into a named network (of your choosing) and voilà, you can refer to each device by their respective 5.x.x.x IP addresses. And from then on everything you do is transparently secured within the Hamachi VPN. It's a beautiful thing.

Like anything new, at first it might not make sense. But once you “get it”, you’ll wonder why everyone doesn’t use it all the time. And it’s FREE. It’s just awesome. So awesome that I ditched SSH some time ago in favor of it, it’s just easier to use and manage.

Btw, one of the other beauties of Hamachi is that it doesn’t require leaving ports open, or managing ports, at all. Even if your RDP sessions are safe, your open ports are subject to attack. If there are vulnerabilities and hackers discover the service is running, you’re a potential target. Yes, using non-standard ports helps, but relying on “secure through obscurity” is still risky. Also, you typically need to use dynamic DNS services to track your public IP. Hamachi eliminates all these problems. Because it uses a rendezvous server and NAT traversal technology, you never have to open or manage ports or use a dynamic DNS service. The rendezvous server knows where all 5.x.x.x devices are at all times and opens the ports, as necessary, from INSIDE your network! It even addresses the authentication problem w/ RDP since the login is within the VPN as well. :)

You should try it, I think you’ll like it.
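
The settings this thread keeps coming back to (the listening port, whether the server is authenticated to the client, and whether the password-less account can be used remotely) can be read from the registry and WMI on the RDP host. The PowerShell below is an added example, not something posted in the thread; the function name is made up, and it assumes the stock registry locations.

```powershell
# Added example: read-only audit of the local RDP configuration.
# Get-RdpExposure is a name made up for this example.
function Get-RdpExposure {
    $ts   = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
    $rdp  = Get-ItemProperty -Path "$ts\WinStations\RDP-Tcp"
    $lsa  = Get-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Lsa'
    $deny = (Get-ItemProperty -Path $ts).fDenyTSConnections

    # Enabled local accounts that are allowed to have a blank password.
    # PasswordRequired = False does not prove the password is blank.
    $noPwd = @(Get-WmiObject Win32_UserAccount -Filter 'LocalAccount=True' |
        Where-Object { -not $_.Disabled -and -not $_.PasswordRequired } |
        ForEach-Object { $_.Name })

    New-Object PSObject -Property @{
        RdpEnabled          = ($deny -eq 0)
        ListenPort          = $rdp.PortNumber          # 3389 unless changed
        NlaRequired         = ($rdp.UserAuthentication -eq 1)
        SecurityLayer       = $rdp.SecurityLayer       # 0 = RDP, 1 = negotiate, 2 = TLS
        MinEncryptionLevel  = $rdp.MinEncryptionLevel  # 1 low .. 3 high, 4 FIPS
        # 1 = accounts with a blank password may log on at the console only
        BlankPwdConsoleOnly = ($lsa.LimitBlankPasswordUse -eq 1)
        NoPasswordRequired  = $noPwd
    }
}

$r = Get-RdpExposure
$r | Format-List

if ($r.RdpEnabled) {
    if (-not $r.NlaRequired) {
        Write-Warning 'NLA is off: the logon screen is reachable before any credentials are checked.'
    }
    if ($r.SecurityLayer -eq 0) {
        Write-Warning 'Security layer is legacy RDP encryption; the server is not authenticated to the client.'
    }
    if ($r.NoPasswordRequired.Count -gt 0) {
        $names = $r.NoPasswordRequired -join ', '
        if ($r.BlankPwdConsoleOnly) {
            Write-Warning "Blank passwords are allowed for: $names (remote logon is blocked by LimitBlankPasswordUse)."
        } else {
            Write-Warning "Blank passwords are allowed for: $names, and LimitBlankPasswordUse is off."
        }
    }
}
```

Settings pushed by Group Policy are stored under a separate Policies key and are not read by this script.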



© 2014 Future US, Inc. All rights reserved.