![]() ![]() Instead of connecting across the public internet, consider a VPN or Windows’ built-in Remote Desktop Gateway. However, access is still possible when your client isn’t in the same LAN as the RDP server. Let’s reiterate this one more time, because it’s the most important RDP best practice: Never expose RDP servers to the public internet! ![]() Due to the number of vulnerabilities discovered in the RDP protocol over the years, there’s no reliably secure way to leave them open to connections over the public internet.Every day, attackers are scanning for internet-facing RDP servers (port 3389 open), and will try every attack in their arsenal to break in. NEVER expose RDP servers to the public internet.Some general tips for securing Remote Desktop Protocol: Furthermore, RDP has been subject to many vulnerabilities over the years, some of which allow attackers to connect without valid credentials (such as CVE-2019-0708 aka BlueKeep). Securing RDP Serversĭue to the ease of use and popularity of RDP, it’s essential that organizations take steps to secure all hosts that can act as an RDP server (including non-server workstations). If the log-in is authenticated, you’ll be able to view and control the remote host’s desktop environment as if you were physically at that system. Remote Desktop Connection client log-in prompt in Windows 10 (1903)
0 Comments
Leave a Reply. |