Linked by David Adams on Sat 16th Jul 2005 22:58 UTC, submitted by GeekGod
Privacy, Security, Encryption A denial of service vulnerability reportedly affects the Windows Remote Desktop Protocol. Either disable RDP or make sure you have a firewall enabled for port 3389 until a fix is available.
Change port
by Anonymous on Sat 16th Jul 2005 23:04 UTC
Anonymous
Member since:
---

How to change the listening port for Remote Desktop
http://support.microsoft.com/kb/306759/

(requires restart)

How to configure the Remote Desktop client to connect to a specific port when you use Windows XP
http://support.microsoft.com/kb/304304/

Don't forget to update the firewall too

Reply Score: 0
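The two KB articles above describe the registry change and the client-side port syntax by hand. The following is an added example (not from the post, the KB articles, or Microsoft) that performs the same change from an elevated PowerShell prompt and verifies it: it reads the current port from the same `RDP-Tcp\PortNumber` value KB306759 describes, moves the listener, fixes up the firewall, restarts the Terminal Services service and checks what is actually listening. It assumes a Windows 8 / Server 2012 or later host (for the `NetSecurity` and `NetTCPIP` cmdlets); the new port 3390 is an arbitrary choice for the example.

```powershell
# Added example: move the RDP listener off TCP 3389 and update Windows Firewall.
# Run from an elevated PowerShell prompt. Assumes Windows 8 / Server 2012 or
# later (New-NetFirewallRule, Get-NetTCPConnection); port 3390 is arbitrary.
$NewPort = 3390
$RdpKey  = 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp'

# 1. Record the current port so the change can be reverted later.
$OldPort = (Get-ItemProperty -Path $RdpKey -Name PortNumber).PortNumber
Write-Host "RDP currently listens on TCP $OldPort"
if ($OldPort -eq $NewPort) { Write-Host 'Already on the requested port'; return }

# 2. Change the listener port. This is the same DWORD value KB306759 edits with regedit.
Set-ItemProperty -Path $RdpKey -Name PortNumber -Value $NewPort -Type DWord

# 3. Allow the new port inbound, and disable the built-in rules that open 3389.
New-NetFirewallRule -DisplayName "Remote Desktop (TCP $NewPort)" `
    -Direction Inbound -Protocol TCP -LocalPort $NewPort -Action Allow | Out-Null
Get-NetFirewallRule -DisplayGroup 'Remote Desktop' | Disable-NetFirewallRule

# 4. The listener reads PortNumber at start-up. KB306759 says reboot;
#    restarting TermService is normally enough and is what is done here.
Restart-Service -Name TermService -Force
Start-Sleep -Seconds 3

# 5. Verify: the new port must be listening and the old one must not.
$listen = Get-NetTCPConnection -State Listen |
          Where-Object { $_.LocalPort -eq $OldPort -or $_.LocalPort -eq $NewPort }
$listen | Select-Object LocalAddress, LocalPort, OwningProcess | Format-Table

if ($listen.LocalPort -contains $OldPort) {
    Write-Warning "TCP $OldPort is still open; reboot the host and re-check."
}
if ($listen.LocalPort -notcontains $NewPort) {
    Write-Error "Nothing is listening on TCP $NewPort; check the TermService event log."
}

# Clients now connect with the port appended, as KB304304 describes for mstsc:
#   mstsc /v:host:3390
```

Moving the port hides the service from anyone scanning only for 3389; it does not remove the vulnerability, which is why the article's advice to firewall or disable RDP until the fix ships still applies. The firewall rule above should be narrowed with `-RemoteAddress` to the networks that actually need to reach the host.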

RE: Change port
by the_trapper on Sat 16th Jul 2005 23:14 UTC in reply to "Change port"
the_trapper Member since:
2005-07-07

Not bad advice if you must use RDP until the fix is available, however, ideally one should disable RDP until a fix is available like the article says.

There are plenty of secure alternatives available, my favorite being VNC:

http://www.realvnc.com/

or its popular derivative TightVNC:

http://www.tightvnc.com/

Some would argue that VNC is actually superior to RDP. It is definitely a lot more cross-platform.

Reply Score: 2

RE: Change port
by TBPrince on Sun 17th Jul 2005 01:32 UTC in reply to "Change port"
TBPrince Member since:
2005-07-06

How to change the listening port for Remote Desktop

Aw... bad service to have a bug in. A bit disappointing... though I knew that could happen sometime.

Thank you for your links as they're very helpful. I think it would be good to change the default port for the RDP service in cases like mine where I cannot disable it and it isn't inside an internal corporate network.

Thanks again.

Reply Score: 1

VNC is not a secure solution
by Anonymous on Sat 16th Jul 2005 23:17 UTC
Anonymous
Member since:
---

vnc is a totally insecure protocol unless it is wrapped in something like an ssh forward or vpn tunnel.

Reply Score: 0

Humbug
by Beryllium on Sat 16th Jul 2005 23:26 UTC
Beryllium
Member since:
2005-07-08

VNC is slow as molasses. RDP - and the Unix RDesktop client, for connecting to RDP-enabled machines - is speedy enough for me to use as a primary connection. RDP is one of the few things MS has done right, IMO, even when you take into account the DoS flaw.

Reply Score: 1

RE: Humbug
by Anonymous on Sun 17th Jul 2005 06:34 UTC in reply to "Humbug"
Anonymous Member since:
---

> RDP is one of the few things MS has done right
Perhaps just because MS didn't actually write it ;) The RDP protocol is derived from the Citrix protocol.

Reply Score: 0

RE[2]: Humbug
by Anonymous on Sun 17th Jul 2005 13:01 UTC in reply to "RE: Humbug"
Anonymous Member since:
---

Wrong. Citrix uses and developed an entirely different protocol (ICA?)
RDP is based on a Netmeeting feature that was based on a standard protocol.

Reply Score: 0

Why are these services even ON by default
by Zenja on Sat 16th Jul 2005 23:45 UTC
Zenja
Member since:
2005-07-06

Tsk tsk, silly Microsoft, satisfying the demands of corporate customers, hence the ports are ON by default.

Reply Score: 1

n4cer Member since:
2005-07-06

It isn't on by default. It must be enabled.

Reply Score: 1

Lettherebemorelight Member since:
2005-07-11

Sounds more like satisfying the demands of virus/worm writers and script kiddies to me.

Reply Score: 1

Anonymous Member since:
---

they are not on by default.
but hey, way to understand the article before bashing someone.

Reply Score: 0

ssh
by Anonymous on Sun 17th Jul 2005 05:24 UTC
Anonymous
Member since:
---

vnc is a totally insecure protocol unless it is wrapped in something like an ssh forward or vpn tunnel.

http://www.whitedust.net/article/27/Recent%20SSH%20Brute-Fo...

Reply Score: 0
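This post and the earlier "VNC is not a secure solution" comment both recommend running VNC only through an SSH forward or a VPN. The following is an added example (not from either post, nor from any VNC or OpenSSH project) of the SSH-forward variant from a Windows client: it first checks that the raw VNC port is not reachable from outside, then opens a local forward and confirms the local end is listening before the viewer is pointed at it. It assumes the OpenSSH `ssh.exe` client is installed, that the server binds VNC to loopback only (for example `x11vnc -localhost`), and that `vnc-host.example` and `alice` are placeholders for the real host and SSH account.

```powershell
# Added example: reach a VNC server only through an SSH port forward.
# Assumes the OpenSSH client (ssh.exe) is on PATH and that the server runs VNC
# bound to 127.0.0.1 only. Host and user names below are placeholders.
$Remote    = 'vnc-host.example'
$User      = 'alice'
$VncPort   = 5900    # VNC display :0
$LocalPort = 5901    # local end of the tunnel, viewer connects here

# 1. Negative check: the raw VNC port must NOT be reachable from this client.
#    If it is, the server is exposed regardless of the tunnel.
$raw = Test-NetConnection -ComputerName $Remote -Port $VncPort -WarningAction SilentlyContinue
if ($raw.TcpTestSucceeded) {
    Write-Warning "TCP $VncPort on $Remote answers directly; VNC is reachable without SSH."
}

# 2. Open the forward in the background:
#    127.0.0.1:5901 on this machine -> 127.0.0.1:5900 as seen from the server.
#    Binding the local end to 127.0.0.1 keeps other hosts on the LAN from using it.
$sshArgs = @('-N', '-L', "127.0.0.1:${LocalPort}:127.0.0.1:${VncPort}", "$User@$Remote")
$ssh = Start-Process -FilePath 'ssh' -ArgumentList $sshArgs -PassThru -NoNewWindow

# 3. Wait for the local listener, then hand off to the viewer.
Start-Sleep -Seconds 3
$local = Test-NetConnection -ComputerName '127.0.0.1' -Port $LocalPort -WarningAction SilentlyContinue
if ($local.TcpTestSucceeded) {
    Write-Host "Tunnel up: connect the VNC viewer to 127.0.0.1:$LocalPort (ssh pid $($ssh.Id))"
} else {
    Write-Error "Local port $LocalPort is not listening; the ssh login probably failed."
    if (-not $ssh.HasExited) { Stop-Process -Id $ssh.Id }
}

# When finished:  Stop-Process -Id $ssh.Id
```

The brute-force article linked above is the reason the SSH side matters as much as the VNC side: the tunnel only helps if the SSH account uses key authentication (and `PasswordAuthentication no` on the server), since a guessed SSH password now hands the attacker the VNC session as well.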

WTF?
by zombie process on Sun 17th Jul 2005 05:39 UTC
zombie process
Member since:
2005-07-08

"If an attack were successful, receipt of such a malformed Remote Desktop request could cause the vulnerable system to fail in such a way that it could cause a denial of service. Our investigation has determined that this is limited to a denial of service, and therefore an attacker could not use this vulnerability to take complete control of a system."


Okay - so, someone could potentially run DoS against your box. Solutions? TURN YOUR BOX OFF!!!!!!! This is perhaps the dumbest thing I have ever heard. Would you buy this? :

Warning: Criminals might use the key slot on your car to break into and steal your car - our recommendation for the meantime is to fill your key slots with epoxy, AND TO FILL YOUR GAS TANKS WITH SAND!

This is asinine security. Someone might do something to your favorite toy, so you had better break it yourself? WTF? Is this a 1940s playground or a network we're discussing?

Reply Score: 0

YEAH!
by zombie process on Sun 17th Jul 2005 05:47 UTC
zombie process
Member since:
2005-07-08

"vnc is a totally insecure protocol unless it is wrapped in something like an ssh forward or vpn tunnel.

http://www.whitedust.net/article/27/Recent%20SSH%20Brute-Fo...

WOW! Was that article written by a 13 year old? I really don't mean to be an asshole, but that's the type of article that a HS kid would write. BEWARE: PASSWORDS CAN BE CRACKED!!!!!!!!!!!! No Sh!t? I'd better hide under my bed!

Listen - any service you run can be cracked. Any "passworded" service you run can be cracked more easily - SSH is no different. If this is outside your realm of understanding, you should not be running a publicly accessible service. Period.

Reply Score: 1

The gods laugh at the dance of Wintendo
by Anonymous on Sun 17th Jul 2005 08:10 UTC
Anonymous
Member since:
---

"A denial of service vulnerability reportedly affects the Windows Remote Desktop Protocol. Either disable RDP or make sure you have a firewall enabled for port 3389 until a fix is available."

Or switch to Linux and never look back, and laugh, oh how I laughed.

Reply Score: 0

Microsoft Security is an oxymoron
by Anonymous on Sun 17th Jul 2005 21:37 UTC
On VNC
by Anonymous on Mon 18th Jul 2005 01:58 UTC
re: On VNC
by abdavidson on Mon 18th Jul 2005 02:47 UTC
abdavidson
Member since:
2005-07-06

"Although this thread is crap already I'll just point out a few things. UltraVNC offers encryption built-in. It also has a Video Driver addon that makes it perform just as fast as RDP over slow connections. For Lan use even without the Video Driver VNC performs just as well as RDP."

Wrong. Absolutely totally wrong.

VNC is nowhere near as fast or transparent as RDP on LAN or remote use. It's slower in all its variants and implementations.

Reply Score: 1

re: On VNC again
by abdavidson on Mon 18th Jul 2005 02:48 UTC
abdavidson
Member since:
2005-07-06

"You get your real desktop, not some terminal server profile."

Never heard of /console then. Absolutely clueless.

Reply Score: 1

re: On VNC
by Beryllium on Mon 18th Jul 2005 06:18 UTC
Beryllium
Member since:
2005-07-08

"You get your real desktop, not some terminal server profile."

I use Remote Desktop on Windows XP Pro. I can assure you that you get your 'real' desktop. I start up all my apps in the morning, then head to work. If for some reason I need to access my home machine from work, I just rdesktop in and all my applications are there for me to use, just like if I were at home.

Now, one benefit that Windows XP's RDP has over most (all?) VNC incarnations is that when you're remote controlling your desktop, people sitting at the physical machine can't see what you're doing - the screen is locked. If they successfully log in, it disconnects your session - likewise, if you successfully log in, it disconnects their session.

If you share a PC with your roommate, it can lead to lots of fun. ;-)

Reply Score: 1

use radmin
by Anonymous on Tue 19th Jul 2005 04:35 UTC
Anonymous
Member since:
---

it's better and more secure than vnc and rdp, and almost as fast as rdp, or faster on modem connections.

Reply Score: 0