Security Basics mailing list archives
RE: Remote Desktop vs VPN on Windows 2003
From: "John McGuire" <jmcguire81 () cox net>
Date: Tue, 18 Jan 2005 15:18:16 -0700
I'm guessing either Microsoft-ds on 445 or H.323/Q.931 on 1720. On a side note, do you know about subseven on 27374? I've only seen this on infected machines, so I thought I'd let you know. John McGuire BlackLight Systems -----Original Message----- From: Roger A. Grimes [mailto:roger () banneretcs com] Sent: Tuesday, January 18, 2005 11:53 AM To: Paris E. Stone; Jeff Randall; security-basics () securityfocus com Subject: RE: Remote Desktop vs VPN on Windows 2003 Security through obscurity is a type of security, and it works...just not in a vacuum...and not alone. Almost all major Internet worms would have be rendered defenseless by simply changing the port number one port up. 99.9% of hacks are automated using worms, viruses, and malicious scripts. Almost of of them (9999.99%) only look on the default port. Fastest worm ever..SQL Slammer...only worked on the default SQL port. Code Red...only port 80. Spambots look for ports 25 and 80. FTP exploits ONLY look for port 21. I could go on and on. Security by obscurity works, and works well. Come find my RDP port on my domain at banneretcs.com. Prize (free book) to the first person who finds it. Go. Roger ************************************************************************ *** *Roger A. Grimes, Banneret Computer Security, Computer Security Consultant *CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4), CEH, CHFI *email: roger () banneretcs com *cell: 757-615-3355 *Author of Malicious Mobile Code: Virus Protection for Windows by O'Reilly *http://www.oreilly.com/catalog/malmobcode *Author of Honeypots for Windows (Apress) *http://www.apress.com/book/bookDisplay.html?bID=281 ************************************************************************ **** -----Original Message----- From: Paris E. Stone [mailto:pstone () alhurra com] Sent: Tuesday, January 18, 2005 10:40 AM To: Roger A. Grimes; Jeff Randall; security-basics () securityfocus com Subject: RE: Remote Desktop vs VPN on Windows 2003 "Security through Obscurity" i.e. put it on a different port, is not security at all. Rdesktop on the internet, is generally a bad idea, no matter what port it runs on. Put a firewall in front of it if possible, if not, run a software firewall and then add openvpn. www.openvpn.net is free, and will allow IPSEC connectivity that you can use to access the machine, then you get MSTSC(remote desktop) access over the tunnel. -----Original Message----- From: Roger A. Grimes [mailto:roger () banneretcs com] Sent: Friday, January 14, 2005 5:16 PM To: Jeff Randall; security-basics () securityfocus com Subject: RE: Remote Desktop vs VPN on Windows 2003 I can think of NO reason not to use Remote Desktop. Remote Desktop is fast and secure. Everything is encrypted past the logon name. To get additional security assurance, change the default TCP port from 3389 to something randomly high...like 58645 (which you can do with a regedit on the server...just google it). Then add the new port number to your server address...like www.example.com:58645. Roger ************************************************************************ *** *Roger A. Grimes, Banneret Computer Security, Computer Security Consultant *CPA, CISSP, MCSE: Security (NT/2000/2003/MVP), CNE (3/4), CEH, CHFI *email: roger () banneretcs com *cell: 757-615-3355 *Author of Malicious Mobile Code: Virus Protection for Windows by O'Reilly *http://www.oreilly.com/catalog/malmobcode *Author of Honeypots for Windows (Apress) *http://www.apress.com/book/bookDisplay.html?bID=281 ************************************************************************ **** -----Original Message----- From: Jeff Randall [mailto:Jeff.Randall () ksg-llc net] Sent: Thursday, January 13, 2005 3:23 PM To: security-basics () securityfocus com Subject: Remote Desktop vs VPN on Windows 2003 I have setup a web server running win2k3 and was curious about remotely accessing it with an XP box. Only one requirement, it has to be FREE. =20 Here is what I have setup and as of now working but I would like in the end to only run one. 1. RRAS using PPTP. It's not a DC so I use local accounts. 2. VNC. TiteVNC to be specific. 3. Remote Desktop - went into the admin tools and set the encryption level to high. Please no crazy setups like upgrade to DC and run IAS for Radius or running IPSEC tunnels, just would like peoples thoughts on the security level of each of these programs and what they feel are the most secure. If you can get specific about encryption, keys, key lengths, that would be great. Thanks
Current thread:
- Remote Desktop vs VPN on Windows 2003 Jeff Randall (Jan 14)
- Re: Remote Desktop vs VPN on Windows 2003 Michael Gale (Jan 17)
- <Possible follow-ups>
- RE: Remote Desktop vs VPN on Windows 2003 Roger A. Grimes (Jan 17)
- Re: Remote Desktop vs VPN on Windows 2003 Ansgar -59cobalt- Wiechers (Jan 17)
- RE: Remote Desktop vs VPN on Windows 2003 Roger A. Grimes (Jan 19)
- Re: Remote Desktop vs VPN on Windows 2003 Ansgar -59cobalt- Wiechers (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Roger A. Grimes (Jan 19)
- Re: Remote Desktop vs VPN on Windows 2003 Anonymous (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 John McGuire (Jan 19)
- Re: Remote Desktop vs VPN on Windows 2003 shrek-m () gmx de (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 David Gillett (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Paris E. Stone (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Rhett Grant (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Paris E. Stone (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Danny Puckett (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Paris E. Stone (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Joe Dumass (Jan 19)
- RE: non-default ports (Was: Remote Desktop vs VPN on Windows 2003) Alexander Klimov (Jan 19)
- RE: Remote Desktop vs VPN on Windows 2003 Roger A. Grimes (Jan 19)
(Thread continues...)