XP Pro RDP vulnerable over the internet?

Toggle sidebar Toggle sidebar

VirtualLarry

No Lifer
Aug 25, 2001
56,449
10,119
126
http://www.oxid.it/downloads/rdp-gbu.pdf

I went looking for info on MITM attacks against RDP and found this PDF. Doesn't sound too good. I wanted to set up a remote-accessable server at my apt, so I can login remotely and do work while I'm at a friend's house. Was thinking of using RDP. Now I'm not so sure that's safe.

Edit: Found this, seems to have solutions for the MITM issue.
http://blogs.msdn.com/b/rds/archive...ion-to-prevent-man-in-the-middle-attacks.aspx

I can't figure out if XP Pro SP3 or Win7 Pro can implement those schemes, it seems like they are only for servers.
 
Last edited:

CptCrunch

Golden Member
Jan 31, 2005
1,878
1
0
if you want to do RDP to home from work, you can do 2 options with relative security and safety.

1) VPN. Build a vpn server, log in, RDP

2) RDP. RDP to a high port, like 45123, but tell your router to forward 45123 to 3389 for x.x.x.x. This will probably require DDWRT or Tomato, unless your stock firmware can forward ports

2b) alternatively, see http://support.microsoft.com/kb/306759
 

RebateMonger

Elite Member
Dec 24, 2005
11,588
0
0
The original link was written in 2005.

When using the latest Remote Desktop client with the latest versions of Windows, you can require server authentication. I'm hardly an expert in this, but I believe this should prevent man-in-the-middle attacks.

Also, remote access to your PCs through Windows Home Server uses the same remote access system as Windows Small Business Server which is also invulnerable to MITH attacks.

And, as mentioned, an SSL VPN tunnel will also prevent MITM attacks.
 
Last edited:
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom
sale-70-410-exam    | Exam-200-125-pdf    | we-sale-70-410-exam    | hot-sale-70-410-exam    | Latest-exam-700-603-Dumps    | Dumps-98-363-exams-date    | Certs-200-125-date    | Dumps-300-075-exams-date    | hot-sale-book-C8010-726-book    | Hot-Sale-200-310-Exam    | Exam-Description-200-310-dumps?    | hot-sale-book-200-125-book    | Latest-Updated-300-209-Exam    | Dumps-210-260-exams-date    | Download-200-125-Exam-PDF    | Exam-Description-300-101-dumps    | Certs-300-101-date    | Hot-Sale-300-075-Exam    | Latest-exam-200-125-Dumps    | Exam-Description-200-125-dumps    | Latest-Updated-300-075-Exam    | hot-sale-book-210-260-book    | Dumps-200-901-exams-date    | Certs-200-901-date    | Latest-exam-1Z0-062-Dumps    | Hot-Sale-1Z0-062-Exam    | Certs-CSSLP-date    | 100%-Pass-70-383-Exams    | Latest-JN0-360-real-exam-questions    | 100%-Pass-4A0-100-Real-Exam-Questions    | Dumps-300-135-exams-date    | Passed-200-105-Tech-Exams    | Latest-Updated-200-310-Exam    | Download-300-070-Exam-PDF    | Hot-Sale-JN0-360-Exam    | 100%-Pass-JN0-360-Exams    | 100%-Pass-JN0-360-Real-Exam-Questions    | Dumps-JN0-360-exams-date    | Exam-Description-1Z0-876-dumps    | Latest-exam-1Z0-876-Dumps    | Dumps-HPE0-Y53-exams-date    | 2017-Latest-HPE0-Y53-Exam    | 100%-Pass-HPE0-Y53-Real-Exam-Questions    | Pass-4A0-100-Exam    | Latest-4A0-100-Questions    | Dumps-98-365-exams-date    | 2017-Latest-98-365-Exam    | 100%-Pass-VCS-254-Exams    | 2017-Latest-VCS-273-Exam    | Dumps-200-355-exams-date    | 2017-Latest-300-320-Exam    | Pass-300-101-Exam    | 100%-Pass-300-115-Exams    |
http://www.portvapes.co.uk/    | http://www.portvapes.co.uk/    |