Pentest Blog

13. März 2017 – Know-how

Attacking RDP: How to eavesdrop on poorly secured RDP connections

Ein Fachartikel von IT Security Consultant Dr. Adrian Vollmer

"The Remote Desktop Protocol (RDP) is used by system administrators everyday to log onto remote Windows machines. Perhaps most commonly, it is used to perform administrative tasks on critical servers such as the domain controller with highly privileged accounts, whose credentials are transmitted via RDP. It is thus vital to use a secure RDP configuration. [...] This article was written to raise awareness of how important it is to take certificate warnings seriously and to show you how to securely configure your Windows landscape."

Den vollständigen Artikel finden Sie hier.

Eine deutsche Fassung des Artikels finden Sie hier.

Den Source Code des Tools zum Artikel ("Seth") finden Sie auf unserem github-Account "SySS Research. Open source IT security software tools and information".

Termine

12.12.2017 - 13.12.2017
SySS-Schulung – Secu3: Incident Detection
25.01.2018
Live-Hack mit Sebastian Schreiber, Fokustag "Cyber-Versicherung", Leipzig
06.02.2018 - 07.02.2018
SySS-Schulung - Hack1: Hacking Workshop 1
08.02.2018 - 09.02.2018
SySS-Schulung - Hack2: Hacking Workshop 2