It is a fact that if you utilize external RDP you will have a substantial attack surface that you otherwise wouldn't. Try to stay away from 'whataboutism' it doesn't help your argument to say. It's a fact that there are well documented and demonstrable security concerns with RDP, and that's unlikely to change. It seems you are looking for validation, or for someone to outright definitively prove RDP is unacceptable. If you have calculated the risk of using RDP and it is acceptable to you, no one is going to change your mind. KOD (cool name by the way), most of what we do is calculate risks. From what I have seen thus far, it is not. What I am asking is if all of the worry about RDP is justified. So, if you keep your OS updated, move to the newer OS versions every 5 years or so and use a respectable passphrase as a password, just how insecure would RDP still be? The point is not to make something un-hackable forever, it's to make it safe for the time in which the information gained by hacking it could be useful to hackers, and longer passwords accomplish just that.Įven if you go with LogMeIn, TeamViewer or any other VPN or remote solution, you will still be vulnerable to human error in coding - potentially opening your machine/business to a zero day security flaw. would take "8 hundred unvigintillion years" according to one security testing site. Young elephants don't lay blue eggs on Mondays. When you use any tool to find the strength of these two examples, you will see that (using just today's rather easily obtained tech) baKer980! could be brute forced in about 3 weeks whereas Something like Young elephants don't lay blue eggs on Mondays. Now, I don't know about quantum computing's current speeds, accuracy or even usefulness in brute force hacking your RDP passwords, but I do know that baKer980! won't cut it.įor years before Microsoft advised it, we had been using and suggesting that our clients use entire nonsensical sentences that were easy to remember. Passwords like baKer980! are woefully inadequate considering the strength of even modern PCs, much less supercomputers, botnets and (should you be a high value target of a sufficiently advanced country) quantum computing. Second, grow up and create yourself a password worthy of the valuable data on your machine. I found one for you at Berkley's website here Opens a new window. The complete directions are in many places on the internet. The problem seems to be that people are worried about hackers using brute force hacking to guess their usernames and passwords, which seems easy enough to fix.įirst, limit who can log into RDP on the local machine using secpol.msc. It seems to me that RDP is a technology that Microsoft regularly updates, upgrades when warranted and that it is a currently supported code base. I mean, if you are really concerned about security, why the hell would you be running XP in 2019 - especially with RDP enabled? I would have been more worried about why you were still running any of those versions of Windows in 2019 than about the remote code execution that was patched. And, at one time, there was a security flaw in Windows in RDP that was patched in 2019 Opens a new window that concerned people still running XP, Windows Server 2003 and Windows Vista. I hear people tell me all the time to never leave RDP exposed to the internet.
0 Comments
Leave a Reply.AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |