On 12-01-10 11:29 AM, Ansgar Wiechers wrote:
> On 2012-01-10 joseph (at) itsec-asia (dot) com [email concealed] wrote:
>> 3389 is a RDP, if attacker find open port on 3389 they can guessing is
>> a RDP running on the host (server).
>>
>> Actually Win Server 2008 (equivalent) has a RDP with good encryption.
>>
>> But,
>>
>> This is not enough to securing your RDP Connections. My very best
>> practice are just changing your RDP Port number ..
> Obscurity is never even a good, much less a best security practice. If a
> service is vulnerable, it's vulnerable on any port you make it listen
> on.
>
> Regards
> Ansgar Wiechers
Very true Ansgar however, obscurity does allow a open window in time for
what is needed to gain more data and better secure your perimeter so
instead of looking at it as obscurity, you can look at it as buying
yourself seconds more which can play a critical part at the end.

of course if you simply stop at obscurity then you are simply fooling
yourself into thinking you are secure (you instended as the general
public, not you)

-Payam

------------------------------------------------------------------------

Securing Apache Web Server with thawte Digital Certificate
In this guide we examine the importance of Apache-SSL and who needs an SSL certificate. We look at how SSL works, how it benefits your company and how your customers can tell if a site is secure. You will find out how to test, purchase, install and use a thawte Digital Certificate on your Apache web server. Throughout, best practices for set-up are highlighted to help you ensure efficient ongoing management of your encryption keys and digital certificates.

http://www.dinclinx.com/Redirect.aspx?36;4175;25;1371;0;5;946;e13b6be442
f727d1
------------------------------------------------------------------------

[ reply ]