Re: Securtiy of forwarding RDP
- From: "Somebody." <somebody.@xxxxxxxxxxxxxxxxxxxxx>
- Date: Wed, 11 Jan 2006 16:40:41 -0500
"Mike Bailey" <mbailey@xxxxxxxxxxxxxxxxxxxx> wrote in message
news:43c531e6$1_3@xxxxxxxxxxxxxxxxxxxxx
> In my PIX, I have a rule set up to forward Remote Desktop (port 3389)
> through to one of my servers:
>
> static (inside,outside) tcp interface 3389 192.168.1.5 3389 netmask
> 255.255.255.255 0 0
>
> Another rule was created to allow RDP to another server. Since 3389 was
> already used, we used 3390, which is forward through to 3389 on the other
> server:
>
> static (inside,outside) tcp interface 3390 192.168.1.6 3389 netmask
> 255.255.255.255 0 0
>
> My question is - is this safe? And would it be safe to do the same thing
> to allow RDP directly to my workstation - say forward 3391 to my ip
> address?
>
> Thanks,
> Mike
Well, no it's not safe. Is it safe enough for you? I can't answer that.
It's succeptible to man in the middle, you've made no mention of enryption,
anyone can poke away at the password, you've made no mention of strong
authentication.
Were I to be tasked with hacking your network, this would be by far the
easiest route, since simply getting your username and password (insert dozen
different methods here) would yield me complete control of a workstation
inside the LAN.
-Russ.
.
- References:
- Securtiy of forwarding RDP
- From: Mike Bailey
- Securtiy of forwarding RDP
- Prev by Date: Re: Route Multiple Internet IP addresses to internal web server.. Need help..
- Next by Date: Re: Incoming port accesses from China
- Previous by thread: Securtiy of forwarding RDP
- Next by thread: Re: Securtiy of forwarding RDP
- Index(es):
Relevant Pages
|
