remote desktop security

Download Remote Desktop Security

Post on 13-Feb-2016




0 download

Embed Size (px)


Remote Desktop Security. Raghav Chawla, Jon Ussery Group 20. What is Remote Desktop?. Remote administration software Ran on foreign host’s server Displayed locally. Motivation. Very popular Increasingly mobile society Need to access home/work PCs Extremely vulnerable - PowerPoint PPT Presentation


  • Remote Desktop SecurityRaghav Chawla, Jon UsseryGroup 20

  • What is Remote Desktop?Remote administration softwareRan on foreign hosts serverDisplayed locally

  • MotivationVery popular Increasingly mobile societyNeed to access home/work PCsExtremely vulnerableEasy to exploit these vulnerabilitiesComplete access

  • How Does it Work?For Microsoft services:Terminal services allow user to access data and applications on a remote computerDifferent than appstreaming, as computations are processed on remote pc

  • History (Microsoft software)Terminal services were introduced in Windows NT 4.0Vastly improved in Windows 2000Vista has new developments as wellClipboardAudio

  • DifferencesIn client versions of Windows OS, only one user can be logged in at a timeIn the server version, concurrent sessions are allowedTerminal Services provide for remote software access

  • In Action

    Runs on port 3389Includes ActiveX controlWinlogon.exe authenticates userKeyboard and mouse inputs are transmitted via TCP connectionVirtual Channels allow other devices to work (such as printers, audio, etc.)

  • Some Software DistributionsMicrosoft Remote Desktop ConnectionRealVNCTightVNCApple Remote Desktop (for Apple pcs)GoToMyPC

  • Software Comparison

  • The LabHacking into remote desktopRemotely Enabling remote desktopMultiuser remote desktop hackHacking through a firewallSecurity measures

  • Hacking into Remote DesktopTransferred WinVNC files on remote pc Used RegINI.exe to load data (password, socket connections) into registryInstalled VNC through command prompt

  • Enable Remote Desktop via NetworkUse Regedit to connect to the Network registry

  • Find client machine on network

    After a few registry edits, remote desktop functionality will be available

  • Multiuser Desktop HackBoot Windows in safe modeChanged terminal services settingsReplaced termsrv.dll files with alternate

  • Multiuser Hack (cont.)Changed some registry settings

    Finally, tweak Terminal Services settings

  • Hacking Through A FirewallUseful if port 3389 is blockedUsed Putty to setup a tunnel for accessing RDC Server

  • Security MeasuresLimit users who can log on remotely

  • Security Measures (cont.)Set an account lockout policy

  • Security Measures (cont.)Require passwords and at least 128-bit encryptionRun - %SystemRoot%\system32\gpedit.msc /s

  • Security Measures (cont.)Change the RDP port numberEdit registry as follows:HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp

  • Other Tools

  • Loopback!

  • Any Questions?



View more >