RDPwned: A Guide To Securing Microsoft Remote Desktop Services

Given the increase in us of RDP it’s imperative that you get serious about RDS security, even if most of the common attack vectors don’t exist (thankfully) when using #WVD.

This book first walks you through how attackers find your RDS deployments, using normal search engines and device fingerprinting search engines like Shodan. It shows you the tools hackers use to break into your environment, by performing dictionary attacks, man-in-the-middle compromises, or client-side credential stealing. Next, the author illustrates some of the most common techniques and scripts they will use to escalate their privileges from a lowly standard user all the way up to local admin and domain admin, and how they are able to deploy and run these scripts and malware on your servers. Finally, he discusses the major types of defenses you can deploy to reduce the likelihood of being attacked, and how to mitigate the damage if you are.

via RDPwned: A Guide To Securing Microsoft Remote Desktop Services

Leave a Reply

Your email address will not be published. Required fields are marked *