Jump to content

Is Remote Desktop vulnerable to brute force attacks?

Guest PSiegmann@mail.nu

By Guest PSiegmann@mail.nu
in Windows NT Server

 Share

Recommended Posts

Guest PSiegmann@mail.nu

Guest PSiegmann@mail.nu

Posted
Posted

Something I thought about some time now: Is RDP completely secure

against brute force attacks?

 

I mean, does it stops someone, who throws 10000 password combinations

per minute? Can it sense such attacks?

  • Replies 2
  • Created
  • Last Reply

Popular Days

Popular Days

Guest Vera Noest [MVP]

Guest Vera Noest [MVP]

Posted
Posted

Re: Is Remote Desktop vulnerable to brute force attacks?

 

Your normal account security settings for the domain should handle

this. Configure the maximum number of failed logon attempts before an

account is locked, as well as the duration of the lockout and whether

it needs to be unlocked manually by an Administrator or not.

 

I believe that there is a specific security event which in it's

description has a warning that your TS might be under attack, but the

only reports I have seen about this event is that it is mainly

triggered by some general network problems, and thus is a false

alarm.

_________________________________________________________

Vera Noest

MCSE, CCEA, Microsoft MVP - Terminal Server

TS troubleshooting: http://ts.veranoest.net

___ please respond in newsgroup, NOT by private email ___

 

PSiegmann@mail.nu wrote on 04 jan 2008 in

microsoft.public.windows.terminal_services:

> Something I thought about some time now: Is RDP completely

> secure against brute force attacks?

>

> I mean, does it stops someone, who throws 10000 password

> combinations per minute? Can it sense such attacks?

Guest Paul

Guest Paul

Posted
Posted

Re: Is Remote Desktop vulnerable to brute force attacks?

 

<PSiegmann@mail.nu> wrote in message

news:d8d0a941-2b79-4a3e-bffd-4d5c3e744afd@e23g2000prf.googlegroups.com...

> Something I thought about some time now: Is RDP completely secure

> against brute force attacks?

>

> I mean, does it stops someone, who throws 10000 password combinations

> per minute? Can it sense such attacks?

>

 

Since nothing is ever totally secure, it's not a bad idea to change the RDP

TCP port, to avoid some hacker scanning for systems with port 3389 active.

 

http://support.microsoft.com/kb/306759

 

-- Paul

 Share
Go to topic listing
×
×
  • Create New...