Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Firewall Wizards: RE: Using RDP Port 3389

RE: Using RDP Port 3389

From: Spencer D'oro <sdoro_at_comcast.net>
Date: Wed, 21 Apr 2004 08:01:27 -0700

Onto Remote Administrator. I assume you are referring to the specific
program by Famatech. I have used copies of this program several times. It
has an intuitive interface, and is easily configurable, and for security,
uses 128-bit encryption for all data stream. RAdmin can also be set for
single password authentication, or it can use the built-in NT
authentication. The latest version (2.1) also ties into the Event Log. I
like this product, and would recommend it to anyone. Just follow best
practices. Change the default port number, use IP filtering, etc. These
are also configurable within RAdmin.

That's my $.02.

Spencer, MCP

-----Original Message-----
From: firewall-wizards-admin_at_honor.icsalabs.com
[mailto:firewall-wizards-admin_at_honor.icsalabs.com] On Behalf Of Melson, Paul
Sent: Monday, April 19, 2004 8:19 AM
To: Chuck Vose
Cc: woodse_at_vra.net; firewall-wizards_at_honor.icsalabs.com
Subject: RE: [fw-wiz] Using RDP Port 3389

> -----Original Message-----
> There are also other methods of remote access. Coming from *nix
> there's VNC (many varieties, some of which work for windows as well)
> and there's Remote Administrator. I can't speak for the security of
> RA, but I know VNC has been looked at many a time and at it's current
> state is pretty secure.

Actually, I think that VNC could be worse than Terminal Services from a
security point of view. First, its logging is awful. Second, it can only
be secured by a single password. Since everyone allowed to use VNC would
know the same password, this doesn't meet the standard for authentication.
Third, it gives the remote user the console. If left logged in, the only
thing between a malicious user and eavesdropping or major destruction is a
single password that can't be locked-on-failure, so it *can* be
brute-forced.

There may not be any 0d4y-spl01tz for VNC at the moment, but IMHO, it
suffers from some design flaws that make it less than secure.

That said, I use VNC with my systems at home. But this traffic is always
tunneled via SSH across the Internet.

PaulM
_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

_______________________________________________
firewall-wizards mailing list
firewall-wizards_at_honor.icsalabs.com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
Received on Apr 22 2004

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
edgeos