|
|
Security Basics
RDP over the internet Jan 10 2012 05:22PM mariofa88 gmail com (6 replies) RE: RDP over the internet Jan 10 2012 05:47PM William Baltas (bill baltas cleanwaterteam com) (2 replies) Re: RDP over the internet Jan 10 2012 06:00PM Mike Hale (eyeronic design gmail com) (4 replies) Re: RDP over the internet Mar 14 2012 01:41PM Alex Fiuvertiz (fiuvertiz gmail com) (3 replies) Re: RDP over the internet Mar 16 2012 09:29AM Ansgar Wiechers (bugtraq planetcobalt net) (1 replies) Re: RDP over the internet Mar 17 2012 01:46PM Thugzclub (thugzclub googlemail com) (1 replies) Re: RDP over the internet Mar 17 2012 06:04PM Ansgar Wiechers (bugtraq planetcobalt net) (1 replies) RE: RDP over the internet Mar 19 2012 05:05PM Dan Lynch (DLynch placer ca gov) (1 replies) Re: RDP over the internet Mar 19 2012 06:52PM Ansgar Wiechers (bugtraq planetcobalt net) (1 replies) Re: RDP over the internet Mar 15 2012 06:43AM Mike Hale (eyeronic design gmail com) (1 replies) Re: RDP over the internet Mar 15 2012 10:12PM Thugzclub (thugzclub googlemail com) (3 replies) Re: RDP over the internet Jan 10 2012 06:46PM joseph itsec-asia com (2 replies) Re: RDP over the internet Jan 10 2012 07:29PM Ansgar Wiechers (bugtraq planetcobalt net) (1 replies) Re: RDP over the internet Jan 10 2012 10:05PM security (at) stealthnodes (dot) com [email concealed] (security stealthnodes com) Re: RDP over the internet Jan 10 2012 07:25PM Andre Silaghi (andre silaghi googlemail com) (1 replies) Re: RDP over the internet Jan 10 2012 06:43PM Ricardo Ferreira (ricardo ferreira sotechdatacenter com br) (2 replies) |
|
Privacy Statement |
> On 10-01-2012 16:00, Mike Hale wrote:
>> "Don't leave port 3389 open on the Internet at all, the port is much
>> too vulnerable."
>>
>> Explain. What unpatched vulnerabilities for RDP exist in Server
>> 2008?
>>
>> Why is it more secure to provide your credentials to a third party
>> and to install a third party client on your machine?
>
> Answers to your questions...
>
> http://technet.microsoft.com/en-us/security/bulletin/MS09-044
> http://technet.microsoft.com/en-us/security/bulletin/ms11-017
> http://technet.microsoft.com/en-us/security/bulletin/ms11-065
Which part of "unpatched" did you fail to understand?
Not to mention that it certainly doesn't explain AT ALL why anyone in
his right mind would want to trust his credentials to a third party.
Regards
Ansgar Wiechers
--
"All vulnerabilities deserve a public fear period prior to patches
becoming available."
--Jason Coombs on Bugtraq
------------------------------------------------------------------------
Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.
http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------
[ reply ]