Remote Desktop Security Issues

  • Question

  • I have read a lot of information about Remote Desktop and I see it has security issues.  When users want to work from home, administrators have to open port 3389 on their router's firewall and forward that port to the user's workstation IP address.  Then hackers can use NMAP to scan for port 3389 and attack Remote Desktop with certain applications.  My question is: what if you never open port 3389 on your router's firewall and only use Remote Desktop on your Local Area Network and not over the Internet using your external IP address, are you still at risk of being attacked?  And if so, how?
    • Changed type Codyt8 Saturday, December 18, 2010 7:12 PM wrong thread
    Friday, December 17, 2010 10:36 PM

Answers

  • If the 'hacker' is 'on the internet'.

    And, if your RDP traffic never traverses the internet (LAN only).

    Then your traffic is never exposed to the place where the hacker functions from, thus you have no exposure to the hacker.

    Of course, if a hacker breaches your firewall and accesses your LAN, then you have problems.  But those problems surpass whether or not they can snoop an RDP session.

    To use RDP through the internet, however, instead of allowing direct access to 3389, you could instead set up a VPN and only expose the terminal server to the VPN.  Or you could set up a terminal services gateway that uses encryption.  There are methods for securing RDP.

    LAN only = no internet = bad guys can only hit you if they're on your LAN.

    • Proposed as answer by Tome Tanasovski Monday, January 3, 2011 9:58 PM
    • Marked as answer by Kevin Remde Wednesday, March 2, 2011 1:39 PM
    Thursday, December 30, 2010 7:32 PM
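
An added example, not part of the original thread or written by any of its posters: a small audit that flags inbound allow rules for TCP 3389 whose source is not contained in a trusted network (the LAN or a VPN pool), which is the distinction the answer draws between a forwarded port and LAN-only or VPN-only access. The rule format, function name and all addresses are constructed for illustration; deny rules and rule ordering are deliberately ignored, so the result is conservative.

```python
import ipaddress

RDP_PORT = 3389

# Constructed networks (assumptions): an office LAN and a VPN address pool.
TRUSTED = ["192.168.1.0/24", "10.8.0.0/24"]


def untrusted_rdp_rules(rules, trusted):
    """Return allow rules for TCP 3389 whose source lies outside every trusted network."""
    trusted_nets = [ipaddress.ip_network(t) for t in trusted]
    findings = []
    for rule in rules:
        # Only rules that actually let RDP traffic in are of interest.
        if rule["action"] != "allow" or rule["port"] not in (RDP_PORT, "any"):
            continue
        src = ipaddress.ip_network(rule["src"])
        # subnet_of() requires matching IP versions, so compare those first.
        contained = any(
            src.version == net.version and src.subnet_of(net) for net in trusted_nets
        )
        if not contained:
            findings.append(rule)
    return findings


# Constructed rule sets in a hypothetical dictionary format.
# 1) Port 3389 forwarded on the router: any internet source may connect.
FORWARDED = [{"src": "0.0.0.0/0", "port": 3389, "action": "allow"}]
# 2) RDP used on the LAN only, nothing forwarded.
LAN_ONLY = [{"src": "192.168.1.0/24", "port": 3389, "action": "allow"}]
# 3) Remote users arrive through the VPN; the VPN pool and the LAN are allowed.
VPN_AND_LAN = [
    {"src": "10.8.0.0/24", "port": 3389, "action": "allow"},
    {"src": "192.168.1.0/24", "port": 3389, "action": "allow"},
]
# 4) A rule wider than the LAN it was meant to cover is also flagged.
TOO_WIDE = [{"src": "192.168.0.0/16", "port": "any", "action": "allow"}]

if __name__ == "__main__":
    samples = {"forwarded": FORWARDED, "lan-only": LAN_ONLY,
               "vpn+lan": VPN_AND_LAN, "too-wide": TOO_WIDE}
    for name, rules in samples.items():
        bad = untrusted_rdp_rules(rules, TRUSTED)
        print(f"{name}: {'EXPOSED via ' + bad[0]['src'] if bad else 'trusted sources only'}")
```
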