Security risks using Remote Desktop over the Internet?


Jan Blood

Hi,
I successfully used Remote Desktop to connect to my home
computer over the Internet while I was on vacation last
week. All I had to do was open up the correct ports (3389
I believe?) on my router, which is connected to my home
computer running WinXP Pro. When on vacation I then
connected to the Internet using a laptop, and just by
typing in the WAN IP address of my home computer along
with a user name and password, I was able to remotely take
over my home computer.

My question is:
Are there any security risks I should be aware of by using
this method? Is there a better and more secure way to use
Remote Desktop over the Internet to connect to my home
computer?

Thanks for any help,
Jan
 
I'm absolutely in agreement with the article Jeffrey cites, and Jeffrey.

However, you should be aware that there is a brute-force attack tool for
Terminal Services passwords which has been "completed" rather recently,
although it's been in the works for some years.

Best practices probably include renaming the Administrator account, using
strong passwords on any administrator-level accounts or accounts which can
be used across a network, auditing logon/logoff events, and locking out
accounts for a time period after x bad logon attempts.

It also may be possible to use IPSEC to filter traffic on this port so that
only specific IPs or subnets can connect.

Lots of advice, but no time to post specifics, I'm afraid!
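
The auditing and lockout advice in the reply above, as an added example that is not part of the original thread: Python code that replays logon audit records against a "lock the account after x bad attempts" policy and reports what the policy would have caught. The record format, the threshold, window and lockout values, and the sample records are all assumptions constructed for illustration.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Assumed policy values; the post only says "x bad logon attempts".
THRESHOLD = 5                    # failures that trigger a lockout
WINDOW = timedelta(minutes=10)   # failures older than this are forgotten
LOCKOUT = timedelta(minutes=30)  # how long the account stays locked

# Constructed audit records: timestamp, account, source IP, outcome.
SAMPLE = """\
2004-03-01T02:00:01 Administrator 203.0.113.7 FAIL
2004-03-01T02:00:02 Administrator 203.0.113.7 FAIL
2004-03-01T02:00:03 Administrator 203.0.113.7 FAIL
2004-03-01T02:00:04 Administrator 203.0.113.7 FAIL
2004-03-01T02:00:05 Administrator 203.0.113.7 FAIL
2004-03-01T02:00:06 Administrator 203.0.113.7 FAIL
2004-03-01T09:00:00 jan 198.51.100.20 FAIL
2004-03-01T09:00:20 jan 198.51.100.20 OK
"""

def parse(text):
    """Yield (time, account, source, succeeded) from the assumed format."""
    for line in text.splitlines():
        ts, account, src, outcome = line.split()
        yield datetime.fromisoformat(ts), account, src, outcome == "OK"

def review(events, threshold=THRESHOLD, window=WINDOW, lockout=LOCKOUT):
    """Return (time, account, source, note) for each lockout-related event."""
    failures = defaultdict(deque)  # account -> times of recent failures
    locked_until = {}              # account -> time the lockout ends
    findings = []
    for ts, account, src, ok in events:
        if locked_until.get(account, ts) > ts:
            # Attempts during a lockout are refused even with a valid password.
            findings.append((ts, account, src, "rejected: account locked"))
            continue
        if ok:
            failures[account].clear()  # a good logon resets the counter
            continue
        recent = failures[account]
        recent.append(ts)
        while ts - recent[0] > window:  # drop failures outside the window
            recent.popleft()
        if len(recent) >= threshold:
            locked_until[account] = ts + lockout
            recent.clear()
            findings.append((ts, account, src, "lockout triggered"))
    return findings
```

On the sample, the fifth failure against Administrator triggers the lockout and the sixth attempt is refused, while the single mistyped password on the `jan` account produces no finding.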
 