Suggestions on ways to Secure RDP?

[CanadianEh]

Good morning,

For years, I've always used port mapping and opened up TCP Port 3389 in my firewall for RDP access to my Sage box, to fix things remotely when needed.

Unfortunately, I'm getting a ton of traffic an errors int he event log indicating someone/something is trying to hack me through RDP. I do use secure passwords, but just because of all of the attempts I see, I've had to close down the port from the outside world.

Does anyone have a better solution for this that uses freeware or some cheap software? I figured I must not be the only one to attempt this, so one of you guys must have suggestions


Thanks!
-Jay

[sic0048]

Use a different port to start with. With some routers you can simple map an external port to a different internal port on a specific computer on the network. This feature is generally called "Port Forwarding"

So intead of using port 3389 externally, perhaps you use port 25432. Forward external port 25432 to the internal port 3389 on the computer you wish to access via RDP.

This also allows you to access more than one internal computer via RDP. Simply forward another external port - perhaps 25433 to internal port 3389 of a different internal computer.

Hopefully that makes sense. If your router does not allow you to map ports like this, then you can always change the default RDP port that each computer uses. But that generally requires a registry hack, so the mapping of ports on the router is easier to do.

Hope that helps!

[brewston]

Tunnel it through ssh. You either need to install and run Cygwin on your PC at both ends or have a linux box on your network somewhere (My NAS runs linux so I use that)

Then, remotely you run :

ssh -C -L 3389:x.x.x.x:3389 user@y.y.y.y

Where x.x.x.x is the LAN IP address of the Windows PC and y.y.y.y your WAN IP address.

For extra security change the ssh port from 22 to something else and also make sure ssh doesn't allow remote logins as root

[zoundz]

You can run SSH on Windows for free without the bother of cygwin. WinSSHD works just fine and you can then tunnel VNC or RDP using Putty as a client on the remote. If you use a port other than 22 for your SSH access and if you only allow SSH public/private key authorization (no password auth), you are pretty much going to be immune to outside attacks.

YMMV but it works for me.

[[JiF]Mike]

I use the free version of www.logmein.com on a few pc's in the house including my sage box. If you use sage in service mode this works really well. If you have sage running in full screen mode you will get a black screen as the program does not transmit the sage screen for whatever reason. Pressing "shift-ctrl-f" will put sage in window mode so you can get to the desktop. LogMeIn is secure and you don't have to forward any ports in your router/firewall.

[razrsharpe]

+1 for logmein... i use it on all my pcs and the pcs of family members so i can remote trouble shoot them