RDP: Red Flag or Red Herring?

How I Might “Exploit” RDP

So What Should You Do?

Is RDP okay to have on the internet? Sure — if it is necessary to your business functionality and you’ve done the hardening you should do for any service. Here are steps you can take to use it safely:

  • Implement multi-factor authentication
  • Segment remotely accessible systems from the rest of your network
  • Limit which users are allowed to log in remotely
  • Limit the permissions of users, systems, and services
  • Monitor dark web resources for password leaks (credential monitoring)
  • Monitor the location of logins and only allow logins from where your employees are located
  • Monitor for failed login attempts
  • Monitor admin behavior
  • Be aggressive about patching your perimeter systems
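
The two login-monitoring items above (failed login attempts and login location) can be checked with a short script. This is an added example, not code from the original article. It assumes logon events have already been exported from the Windows Security log into dictionaries; the field names, the threshold, the time window, and the allowed network are illustrative assumptions.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

FAILED, SUCCESS = 4625, 4624          # Windows Security log event IDs
RDP_LOGON_TYPES = {3, 10}             # 10 = RemoteInteractive; NLA failures log as 3
ALLOWED_NETS = [ip_network("198.51.100.0/24")]  # assumed office/VPN egress range

def review_logons(events, threshold=5, window=timedelta(minutes=10)):
    """Alert on failure bursts, success after a burst, and off-network sources."""
    recent = defaultdict(deque)        # source IP -> timestamps of recent failures
    bursting = set()                   # IPs currently at or over the threshold
    alerts = []
    for ev in sorted(events, key=lambda e: e["time"]):
        if ev["logon_type"] not in RDP_LOGON_TYPES:
            continue                   # type 3 also covers SMB: feed RDP hosts only
        ip, when = ev["ip"], ev["time"]
        q = recent[ip]
        while q and when - q[0] > window:   # expire failures outside the window
            q.popleft()
        if len(q) < threshold:
            bursting.discard(ip)
        if ev["id"] == FAILED:
            q.append(when)
            if len(q) >= threshold and ip not in bursting:
                bursting.add(ip)       # alert once per burst, not per failure
                alerts.append(("failure_burst", ip, ev["user"]))
        elif ev["id"] == SUCCESS:
            if ip in bursting:         # a guess may have worked
                alerts.append(("success_after_burst", ip, ev["user"]))
            if not any(ip_address(ip) in net for net in ALLOWED_NETS):
                alerts.append(("unexpected_source", ip, ev["user"]))
    return alerts

# Constructed sample records (not real log data); documentation IP ranges only.
T0 = datetime(2024, 1, 1, 9, 0)
def _ev(minute, event_id, user, ip, logon_type=3):
    return {"time": T0 + timedelta(minutes=minute), "id": event_id,
            "user": user, "ip": ip, "logon_type": logon_type}
SAMPLE = (
    [_ev(m, FAILED, "admin", "203.0.113.7") for m in range(5)]   # 5 failures in 5 min
    + [_ev(6, SUCCESS, "admin", "203.0.113.7", 10)]               # then a success
    + [_ev(1, FAILED, "alice", "198.51.100.20"),                  # one typo, then ok
       _ev(2, SUCCESS, "alice", "198.51.100.20", 10),
       _ev(30, SUCCESS, "bob", "192.0.2.44", 10)]                 # outside allowed range
)
if __name__ == "__main__":
    for alert in review_logons(SAMPLE):
        print(alert)
```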
