The document discusses Remote Desktop technology, its vulnerabilities, and security measures to protect against exploitation. It covers how Remote Desktop works, its history, software options, and various hacking techniques, including enabling remote access and bypassing firewalls. Additionally, it emphasizes the importance of limiting remote access, implementing strong password policies, and changing default settings to enhance security.
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
0 ratings0% found this document useful (0 votes)
3 views
Remote Desktop
The document discusses Remote Desktop technology, its vulnerabilities, and security measures to protect against exploitation. It covers how Remote Desktop works, its history, software options, and various hacking techniques, including enabling remote access and bypassing firewalls. Additionally, it emphasizes the importance of limiting remote access, implementing strong password policies, and changing default settings to enhance security.
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PPT, PDF, TXT or read online on Scribd
You are on page 1/ 23
Remote Desktop Security
Raghav Chawla, Jon Ussery
Group 20 What is Remote Desktop? Remote administration software Ran on foreign host’s server Displayed locally Motivation Very popular Increasingly mobile society Need to access home/work PCs Extremely vulnerable Easy to exploit these vulnerabilities Complete access How Does it Work? For Microsoft services: Terminal services allow user to access data and applications on a remote computer Different than appstreaming, as
computations are processed on remote pc
History (Microsoft software) Terminal services were introduced in Windows NT 4.0 Vastly improved in Windows 2000 Vista has new developments as well Clipboard Audio Differences In client versions of Windows OS, only one user can be logged in at a time In the server version, concurrent sessions are allowed Terminal Services provide for remote software access In Action
Runs on port 3389
Includes ActiveX control Winlogon.exe authenticates user Keyboard and mouse inputs are transmitted via TCP connection Virtual Channels allow other devices to work (such as printers, audio, etc.) Some Software Distributions Microsoft Remote Desktop Connection RealVNC TightVNC Apple Remote Desktop (for Apple pc’s) GoToMyPC Software Comparison The Lab Hacking into remote desktop Remotely Enabling remote desktop Multiuser remote desktop hack Hacking through a firewall Security measures Hacking into Remote Desktop Transferred WinVNC files on remote pc Used RegINI.exe to load data (password, socket connections) into registry Installed VNC through command prompt Enable Remote Desktop via Network Use Regedit to connect to the Network registry Find client machine on network
After a few registry edits, remote desktop
functionality will be available Multiuser Desktop Hack Boot Windows in safe mode Changed terminal services settings Replaced termsrv.dll files with alternate Multiuser Hack (cont.) Changed some registry settings
Finally, tweak Terminal Services settings
Hacking Through A Firewall Useful if port 3389 is blocked Used Putty to setup a tunnel for accessing RDC Server Security Measures Limit users who can log on remotely Security Measures (cont.) Set an account lockout policy Security Measures (cont.) Require passwords and at least 128-bit encryption Run - %SystemRoot%\system32\ gpedit.msc /s Security Measures (cont.) Change the RDP port number Edit registry as follows: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp Other Tools Loopback! Any Questions?