1 / 23

Remote Desktop Security

Remote Desktop Security. Raghav Chawla, Jon Ussery Group 20. What is Remote Desktop?. Remote administration software Ran on foreign host’s server Displayed locally. Motivation. Very popular Increasingly mobile society Need to access home/work PCs Extremely vulnerable

benjamin
Télécharger la présentation

Remote Desktop Security

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. Remote Desktop Security Raghav Chawla, Jon Ussery Group 20

  2. What is Remote Desktop? • Remote administration software • Ran on foreign host’s server • Displayed locally

  3. Motivation • Very popular • Increasingly mobile society • Need to access home/work PCs • Extremely vulnerable • Easy to exploit these vulnerabilities • Complete access

  4. How Does it Work? • For Microsoft services: • Terminal services allow user to access data and applications on a remote computer • Different than appstreaming, as computations are processed on remote pc

  5. History (Microsoft software) • Terminal services were introduced in Windows NT 4.0 • Vastly improved in Windows 2000 • Vista has new developments as well • Clipboard • Audio

  6. Differences • In client versions of Windows OS, only one user can be logged in at a time • In the server version, concurrent sessions are allowed • Terminal Services provide for remote software access

  7. In Action • Runs on port 3389 • Includes ActiveX control • Winlogon.exe authenticates user • Keyboard and mouse inputs are transmitted via TCP connection • Virtual Channels allow other devices to work (such as printers, audio, etc.)

  8. Some Software Distributions • Microsoft Remote Desktop Connection • RealVNC • TightVNC • Apple Remote Desktop (for Apple pc’s) • GoToMyPC

  9. Software Comparison

  10. The Lab • Hacking into remote desktop • Remotely Enabling remote desktop • Multiuser remote desktop hack • Hacking through a firewall • Security measures

  11. Hacking into Remote Desktop • Transferred WinVNC files on remote pc • Used RegINI.exe to load data (password, socket connections) into registry • Installed VNC through command prompt

  12. Enable Remote Desktop via Network • Use Regedit to connect to the Network registry

  13. Find client machine on network • After a few registry edits, remote desktop functionality will be available

  14. Multiuser Desktop Hack • Boot Windows in safe mode • Changed terminal services settings • Replaced termsrv.dll files with alternate

  15. Multiuser Hack (cont.) • Changed some registry settings • Finally, tweak Terminal Services settings

  16. Hacking Through A Firewall • Useful if port 3389 is blocked • Used Putty to setup a tunnel for accessing RDC Server

  17. Security Measures • Limit users who can log on remotely

  18. Security Measures (cont.) • Set an account lockout policy

  19. Security Measures (cont.) • Require passwords and at least 128-bit encryption • Run - %SystemRoot%\system32\gpedit.msc /s

  20. Security Measures (cont.) • Change the RDP port number • Edit registry as follows: • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

  21. Other Tools

  22. Loopback!

  23. Any Questions?

More Related