Securing Windows Remote Desktop

Just a quick list of pointers to help you secure RDP today...

For a while now, I've been using Windows Live Mesh to connect to my home PC's from remote locations. This method was really simple and didn't require any firewall changes on my router. Unfortunately SkyDrive, Live Mesh's successor, does not include this feature so I'll need to use RDP or another service such as LogMeIn.com. LogMeIn is a great service, so I'd recommend using this (even MS is recommending it!)

But for those of you that prefer/need to use RDP, here's a few tips for increasing security:

Change RDP TCP port (done in the registry)

Consider implementing an SSH tunnel

Update account password to strong as possible

rename admin account to non-standard name

disable all other accounts for RDP

If possible, restrict RDP client IP range in router or other firewall

Enable windows firewall for extra protection

Checklist After Configuring
Can other ips can connect?

Can accounts other than the desired one connect?

Further Reading
http://theillustratednetwork.mvps.org/Ssh/RemoteDesktopSSH.html

http://revision3.com/hak5/HackingRDP

at No comments:

How To Scan A File/Directory With Windows Defender (Windows 8 AntiVirus)

By default there is no simple way to scan a single file or directory with the built in Windows 8 Anti Virus program.

One way is to open Windows Defender, then select Custom, then click Scan.
You are then presented with a folder selection screen, which allows you to selectively scan parts of your PC's storage.

But to scan just one file, you have to get into command line land. To do this:

1. Open a Command Prompt
2. Type the following:

"c:\Program Files\Windows Defender\MpCmdRun.exe" -scan -scantype 3 -file PATH_TO_YOUR_FILE

e.g.

"c:\Program Files\Windows Defender\MpCmdRun.exe" -scan -scantype 3 -file c:\users\ted\downloads\suspect_file.zip
You'll need to surround your file's path with double quotes if it contains spaces.

If you are using this in an automated way (e.g. your download manager is scanning completed downloads) it's worth knowing that the scan results will be logged in %TEMP%\MpCmdRun.log

You can use that file's contents to see how the scan went.

Hope that helps!
at No comments:

How To Recover Your Lost SoulseekNS Password (Windows)

Have you forgotten your Soulseek password?

If so, and you still have access to the PC you had Soulseek installed on, then you're in luck. The password is stored in plain text in the Windows registry.

You can find it here:

Computer\HKEY_CURRENT_USER\Software\Soulseek2\config

in a key called login.

Just double-click on the key and you will see your password.

Now if you've forgotten your username, then I think you're hosed!

Note, these instructions are for SoulseekNS, which is no longer under development. Not sure how you reset/find a lost password for the new version: SoulseekQT.

See you in the Dark Ambient channel!
at No comments: