06-02-2008, 09:27 PM
|
||||
|
||||
|
Re: Remote Desktop
Being in IT for over 12 years, I can tell you that any remote connectivity is a risky thing. I personally use LogMeIn for my home stuff just because it incorporates the computer/domain account logon as well as runs over SSL, for additional security. And it is not only very simple to setup and maintain, but it is also free. For my company's network, I use a two layer approach: VPN over SSL -> Remote Desktop.
As for changing the port number for which RDC is being forwarded on, that really doesn't matter. My area of expertise in IT has been network and infrastructure security for the last five years or so, and I have seen a lot of the tools that these "script kiddies" are using to hack into people's computers and networks. I have even used many of them, to get a better idea of how they work and what they are looking for, to ensure that my networks are as safe as possible. What I have found is that most of the port scanners that are typically used start at the higher port numbers anyway. Because these are the non-typical ports and are usually people trying to hide their legitmate port forwarding. Another reason is that many people download music/movies/etc. from torrents, emule, etc., and p2p protocols run on higher ports. For them to work correctly, these ports have to be forwarded. There are also some legitimate software applications that listen on high ports for seemingly no reason at all. One of the best applicaitons for Windows password auditing and hacking is a commercial product called L0phtCrack, http://www.securityfocus.com/tools/1005. This can be run remotely and can crack a hard password (minimum of 8 characters with at least one alpha, one numeric and one non-alphanumeric character) in about thirty minutes (average). This same program, and many others just like it, are rampant on torrent sites and in other p2p sharing (emule, etc). The worst part of all is that being hacked is almost never about what you have, but what they want to use your network connection for. Imagine this... you are hacked and the hacker downloads a bunch of child pornography to your computer, then uploads it to another hacked FTP server for distribution. When it comes down to it, if your IP address is traced, since you have no legitimate way to prove that you were hacked, you are now in trouble for downloading child pornography. And then distributing it. Or distributing copyrighted movies, music, software, etc. Does it really happen? Yup, all the time. For the first 6 years of my IT career I worked as a network administrator for three large Internet Service Providers. And I saw this exact scenario more than once, personally. So if I were you I would just use LogMeIn, for free, and add the extra layer of security to your network. And check to see if UPNP is running on your Windows computers. Because if it is, and ports are being forwarded, you should find out what ports are being forwarded, and block them as well. If you want to talk about it more, PM me, and we can discuss...
__________________
"I remember, way back in the day, this site was hoppin' with members, posts, and some great development."
|
| This post has been thanked 1 times. |
|
06-03-2008, 03:15 AM
|
||||
|
||||
|
Re: Remote Desktop
Quote:
People do not routinely scan individual machines on all port numbers. If looking for a known security risk on a large number of machines, it is simply not efficient to scan all ports. This requires a large amount of time. It is much easier to check port 3389 on every machine, scanning all ports would require a large amount of time to check large networks. If on the other hand, you had an enemy with a lot of knowledge really out to get you and watching your machine, it would not be unreasonable to expect them to discover the flaw and scan all ports on your machine, but with most security flaws it would be fixed within a few days. With windows update enabled this would generally be fixed before any enemy would have a chance to scan your entire machine and find the flaw and exploit it. But that would require them up on security knowledge, knowing you had remote desktop open, and scanning/checking security exploits every few days. Let's be realistic here as well, it's not realistic to suggest VPN to remote desktop for users, as they do not have an external server that will support a VPN connection in, and forwarding the proper ports/protocols (depending on the type of VPN connection) to their main machine would create as many security risks (or many more) as forwarding a random port to be used for remote desktop. Not only that but it is a huge PITA to set up anyways for a normal user. All in all, remote desktop on a random port is as or more secure than logmein because not only are you not trusting a 3rd party with your information, you are not making it publicly known that you are allowing connections, and also logmein can be broken into by brute force (by trying all available passwords) just as easily as remote desktop (assuming they know you are running either). Basically, unless you have someone seriously out to break into your machine that is willing to watch your machine and security mailing lists like a hawk, you are just as or more secure running remote desktop on a random port as you are running logmein, or forwarding VPN to your main machine (although, sure, having a seperate server for VPN would be better, it's definitely not feasible for an average user). There is little to no risk involved in running remote desktop on a random port for the average user. I do, however, agree that UPNP should not be forwarding this port or any additional ports directly as it creates a security hole. Generally, however, UPNP will not forward any defaultly open ports, but remote desktop may be forwarded as this is something you open yourself. edit: by the way l0phtcrack requires a windows password file to crack the password, so it's use being mentioned here means nothing unless you already have access to the windows password file of the machine in question. This is certainly not the case when using a remote desktop exploit, or trying to bruteforce a password over remote desktop (it takes FAR longer over the internet - we're talking months/years for an 8 character password and FAR longer for anything more, and l0phtcrack will not do this, on top of that they would have to guess your username too, so we're talking many many MANY years to guess all possible combinations). Changing the port number also does matter, as it means they have to be looking directly at your machine instead of scanning large networks as most/all 'script kiddies' do. You have to have someone seriously after you specifically as mentioned above to scan all ports on your machine. LogMeIn is no more secure in this regard as it is FAR more likely that they would discover your password by breaking into logmein than bruteforcing remotedesktop on your machine. Last edited by holo; 06-03-2008 at 03:55 AM.
|
|
06-03-2008, 09:45 AM
|
||||
|
||||
|
Re: Remote Desktop
I am not going to get into a debate but strongly disagree with holo on several of his points above. But frankly I am tired (network maintenance until 3:00am this morning) and not in a very good mood and don't want to come across rude or get into an IT pissing contest. Long story short... I agree to disagree.
|
|
06-03-2008, 11:53 AM
|
||||
|
||||
|
Re: Remote Desktop
In the end it is about acceptable risk. What is the amount of risk you are willing to accept for the convenience?
With the multitude and speed of the port scanners out there I do not think I would feel comfortable entrusting my system to a random number...at least not without some other layers of protection.
|
|
06-03-2008, 11:56 AM
|
||||
|
||||
|
Re: Remote Desktop
Quote:
|
|
06-03-2008, 12:04 PM
|
||||
|
||||
|
Re: Remote Desktop
How many end user systems have passwords on there primary user accounts? By default Windows makes them admin accounts.
I won't even start with how many have user names like "user" "Computer" When the screen goes blank, will the end-user know what it means or what to do? Remote desktop control is a big risk, just for the level of interaction it provides, and the amount of access that is gained.
|
|
06-03-2008, 12:07 PM
|
||||
|
||||
|
Re: Remote Desktop
Quote:
|
|
06-03-2008, 12:13 PM
|
||||
|
||||
|
Re: Remote Desktop
I thought of that after I posted, testing it as I type now. That still does not eliminate the risk IMHO.
But, as I said, it is about what the acceptable risk your willing to take. If people are willing to have there two levels of security be a random number and username/password then more power to them. Edit: Depending on Group Policy settings you are correct and it needs an account that has a password. This is the default setting when Windows is installed, so it would have to have been changed for it to open a risk. Last edited by calash; 06-03-2008 at 12:20 PM.
|
|
07-05-2008, 02:36 PM
|
||||
|
||||
|
Re: Remote Desktop
ok this is what i have been looking for. im at work but im going to test out this software over the weekend. i need to access my home computer. my phone doesnt have enough storage on it. im constantly having to save files to my email just so i can access them from my phone its annoying. plus i have a web cam setup in the living room so i can see everyone in there. it would be cool to be able to see that from my phone. i may need help but ill b back if i do
|
 |
|
«
Previous Thread
|
Next Thread
»
Linear Mode
|
|
All times are GMT -4. The time now is 06:35 AM.
