
Remote Desktop

The document discusses Remote Desktop technology, its vulnerabilities, and security measures to protect against exploitation. It covers how Remote Desktop works, its history, software options, and various hacking techniques, including enabling remote access and bypassing firewalls. Additionally, it emphasizes the importance of limiting remote access, implementing strong password policies, and changing default settings to enhance security.

Uploaded by

nandy

Remote Desktop Security

Raghav Chawla, Jon Ussery


Group 20

What is Remote Desktop?
• Remote administration software
• Runs on foreign host’s server
• Displayed locally

Motivation
• Very popular
• Increasingly mobile society
• Need to access home/work PCs
• Extremely vulnerable
• Easy to exploit these vulnerabilities
• Complete access

How Does it Work?
• For Microsoft services:
  • Terminal services allow user to access data and applications on a remote computer
  • Different from app streaming, as computations are processed on the remote PC

History (Microsoft software)
• Terminal services were introduced in Windows NT 4.0
• Vastly improved in Windows 2000
• Vista has new developments as well
  • Clipboard
  • Audio

Differences
• In client versions of Windows OS, only one user can be logged in at a time
• In the server version, concurrent sessions are allowed
• Terminal Services provide for remote software access

In Action
• Runs on port 3389
• Includes ActiveX control
• Winlogon.exe authenticates user
• Keyboard and mouse inputs are transmitted via TCP connection
• Virtual Channels allow other devices to work (such as printers, audio, etc.)

Some Software Distributions
• Microsoft Remote Desktop Connection
• RealVNC
• TightVNC
• Apple Remote Desktop (for Apple PCs)
• GoToMyPC

Software Comparison

The Lab
• Hacking into remote desktop
• Remotely enabling remote desktop
• Multiuser remote desktop hack
• Hacking through a firewall
• Security measures

Hacking into Remote Desktop
• Transferred WinVNC files to remote PC
• Used RegINI.exe to load data (password, socket connections) into registry
• Installed VNC through command prompt

Enable Remote Desktop via Network
• Use Regedit to connect to the Network registry
• Find client machine on network
• After a few registry edits, remote desktop functionality will be available

Multiuser Desktop Hack
• Boot Windows in safe mode
• Changed terminal services settings
• Replaced termsrv.dll files with alternate

Multiuser Hack (cont.)
• Changed some registry settings
• Finally, tweak Terminal Services settings

Hacking Through A Firewall
• Useful if port 3389 is blocked
• Used PuTTY to set up a tunnel for accessing RDC Server

Security Measures
• Limit users who can log on remotely

Security Measures (cont.)
• Set an account lockout policy

Security Measures (cont.)
• Require passwords and at least 128-bit encryption
• Run: %SystemRoot%\system32\gpedit.msc /s

Security Measures (cont.)
• Change the RDP port number
• Edit registry as follows:
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp
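
A read-only check of the settings named on the Security Measures slides, as an added example that is not part of the original deck. The value names (fDenyTSConnections, PortNumber, MinEncryptionLevel), the policy key path and the group SID S-1-5-32-555 are not on the slides; they are the standard Windows names, and the `net accounts` parsing assumes English output.

```powershell
# Added example: read-only audit of the RDP settings named on the slides.
# Run in an elevated Windows PowerShell 5.1+ session on the host being checked.
$ts  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server'
$tcp = "$ts\WinStations\RDP-Tcp"
# Assumption: Group Policy stores its Terminal Services settings under this key.
$pol = 'HKLM:\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services'

function Get-RegValue([string]$Path, [string]$Name) {
    # Returns $null when the key or value is absent instead of raising an error.
    (Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue).$Name
}
function New-Finding($Setting, $Value, [bool]$Flag, $Note) {
    [pscustomobject]@{ Setting = $Setting; Value = $Value; Flag = $Flag; Note = $Note }
}

# fDenyTSConnections = 0 means the host accepts Remote Desktop connections.
$enabled = (Get-RegValue $ts 'fDenyTSConnections') -eq 0

# Listening port; 3389 is the default the slides suggest changing.
$port = Get-RegValue $tcp 'PortNumber'

# Encryption level: 3 = High (128-bit), 4 = FIPS. A policy value overrides the local one.
$enc = Get-RegValue $pol 'MinEncryptionLevel'
if ($null -eq $enc) { $enc = Get-RegValue $tcp 'MinEncryptionLevel' }

# Members of Remote Desktop Users, looked up by well-known SID so localized names work.
$members = @(Get-LocalGroupMember -SID 'S-1-5-32-555' -ErrorAction SilentlyContinue |
             ForEach-Object { $_.Name })
$broad = [bool]($members -match 'Everyone|Authenticated Users|Domain Users')

# Lockout threshold from "net accounts" (English output assumed); "Never" means no lockout.
$line = net accounts | Where-Object { $_ -match 'Lockout threshold' } | Select-Object -First 1
$lockout = if ($line) { ($line -split ':', 2)[1].Trim() } else { 'unknown' }

$findings = @(
    New-Finding 'RDP enabled'         $enabled  $enabled 'Expected only where remote access is needed'
    New-Finding 'RDP port'            $port     ($port -eq 3389) 'Default port still in use'
    New-Finding 'MinEncryptionLevel'  $enc      ($null -eq $enc -or $enc -lt 3) 'Below High (128-bit)'
    New-Finding 'Remote Desktop Users' ($members -join ', ') $broad 'Broad group has remote logon'
    New-Finding 'Lockout threshold'   $lockout  ($lockout -in 'Never', 'unknown') 'No account lockout set'
)
$findings | Format-Table -AutoSize -Wrap
```

Rows with Flag set to True are the ones that differ from what the slides recommend; the script changes nothing on the host.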

Other Tools

Loopback!

Any Questions?
