RDP Brute Force Attacks on my PC - caused monitors to flash black

Bicurico:
If people consider an open RDP port bad practice, I would say that an open VNC port is a VERY BAD practice.

Anyway, I just bought myself an Asus router of the newer kind - still not too expensive a model...

The thing is: it is not supported by DD-WRT, Merlin or OpenWrt. I knew that but thought that I would just use the VPN functionality supported by the stock firmware.

Bah... Asus decided that all the extra features like VPN are only available in router mode. If you switch to access point mode, these options are not available.

Plus, if you do configure the device into router mode, the VPN will only listen to the WAN port and of course the WAN/LAN ports have to be configured in different subnets.

See why I like DD-WRT? You can just configure it to access point mode, use the WAN port as a LAN port, but still retain all the services like DynDNS, VPN, etc.

I will give it a last test, connecting it like this: WAN -> Provider Router 192.168.2.x -> Asus Router 192.168.1.x

But I fear that won't work, either, due to the IPTV that is fed by the provider router into my network.

So I think it will be returned and I am 2h poorer...

Regards,
Vitor

Bicurico:
Update here: https://www.eevblog.com/forum/security/recommended-stand-alone-vpn-servers/msg2695695/#msg2695695

Got everything to work with the new ASUS router and now have a fast VPN server (couldn't test the final bandwidth, as my office internet bandwidth is smaller than what my router can handle when doing VPN). This allows me to more or less use RDP as before, but with an additional security layer.

And the end result is that the screen does not flicker anymore, which was driving me nuts!

This can be easily reproduced, btw: You need two computers, one running Windows Professional. Configure it to accept RDP requests, but uncheck the option "Allow connections only from computers running Remote Desktop with Network Level Authentication (recommended)".

From the other computer launch RDP and open the first computer: enter the wrong user/password and notice how the screen of the first computer flashes. Repeat and see how annoying it gets.

I guess that is a cool way to annoy office workmates...

Regards,
Vitor

BravoV:

--- Quote from: Bicurico on September 17, 2019, 09:06:12 pm ---Got everything to work with the new ASUS router and now have a fast VPN server (couldn't test the final bandwidth, as my office internet bandwidth is smaller than what my router can handle when doing VPN). This allows me to more or less use RDP as before, but with an additional security layer.

--- End quote ---

Glad to hear this. Modern routers nowadays use powerful CPUs that handle the VPN processing easily.

On my mom's 64M link, I once measured it running at full bandwidth while I was copying a huge file over VPN; the router's CPU utilization was merely under 10%.

gnif:

--- Quote from: Bicurico on September 16, 2019, 02:29:29 pm ---If people consider an open RDP port bad practice, I would say that an open VNC port is a VERY BAD practice.

--- End quote ---

I'd wager that RDP is far worse than VNC since Microsoft's RDP implementation is closed source and only has a limited number of eyes looking at it. VNC has been around for years (20+?) as an open-source protocol, looked over by countless people for both home and inclusion in enterprise-grade mission-critical equipment. RDP in comparison is a baby compared to VNC.

That said, you should never expose any form of remote access to any system, be it a server or an enterprise endpoint. You really need some added layer of protection such as a VPN or a jump box.
