RE: Remote Desktop vs VPN on Windows 2003

From: Paris E. Stone (pstone_at_alhurra.com)
Date: 01/18/05

  • Next message: Times Enemy: "Re: port listner"
    Date: Tue, 18 Jan 2005 15:30:19 -0500
    To: "Ansgar -59cobalt- Wiechers" <bugtraq@planetcobalt.net>, <security-basics@securityfocus.com>
    
    

    As was my original post, avoid naked RDP on the internet at all costs.

    Secure it with other means.

    -----Original Message-----
    From: Ansgar -59cobalt- Wiechers [mailto:bugtraq@planetcobalt.net]
    Sent: Tuesday, January 18, 2005 9:01 AM
    To: security-basics@securityfocus.com
    Subject: Re: Remote Desktop vs VPN on Windows 2003

    On 2005-01-17 Roger A. Grimes wrote:
    > I don't think RC4, by itself is weak...it's specific implementations
    > of RC4 (like in WEP).

    No. It's an algorithm problem, not an implementation problem.

    > Yes, RDP did have an RC4 vulnerability in 2002, but it was patched.
    > SSH had an RC4 vulnerability just a few months before RDP did (in
    > 2001). Both are patched now.

    The "patch" for SSH was to completely remove RC4 support. I don't think
    RDP was patched the same way (but I would welcome anyone to prove me
    wrong here).

    > SSH seems to get hacked at least once a year.

    True. But that's because of implementation problems, not because of
    problems with the underlying encryption algorithms. Implementation
    problems can be (more or less) easily patched.

    [...]
    > RDP is free (for W2K and above),

    Well, it's not really free, but I think I know what you mean.

    > remote client can be nearly anything (especially with RDP ActiveX
    > control),

    Requiring IE which one usually wants to avoid.

    > its encrypted,

    Using a weak algorithm.

    > fast, has kick *** Edit-Copy, Edit-Paste features, remote printing
    > (not so hot), drive mapping, etc.

    True.

    > RDP is arguably running on more Windows enterprise servers than any
    > alternative but SSH (and maybe PC Anywhere), and it has not had a
    > public exploit demonstrated since 2002. I'd say it is a strong
    > candidate for consideration.

    Please re-read my post. I was not suggesting to avoid RDP, but to tunnel
    RDP connections through e.g. SSH, which can be easily done. That way you
    have RDP *and* strong encryption.

    Regards
    Ansgar Wiechers

    -- 
    "Those who would give up liberty for a little temporary safety
    deserve neither liberty nor safety, and will lose both."
    --Benjamin Franklin
    
