Windows RDP Detection Scanner

Windows RDP Detection Scanner Detail

A misconfigured Windows RDP service can expose a large amount of private data to attackers.

What is RDP? (Remote Desktop Protocol)

RDP is a proprietary protocol developed by Microsoft that provides a user with a graphical interface to connect to another computer over a network connection. It has been a native OS feature since Windows XP. Most of the time, RDP is used for legitimate remote administration: when companies outsource IT, or remote admins have to access a server or a network user's machine, they most commonly use RDP to connect to it.

One of the main risks associated with RDP comes when you allow external clients access to your network. The RDP protocol typically uses TCP port 3389. Attackers often find this port open by scanning infrastructure exposed to the internet, and then use brute force to gain access through it.

Some Advice for Common Problems

  • Audit your network for systems that use RDP for remote communication. Disable the service if unneeded, or install available patches. Users may need to work with their technology vendors to confirm that patches will not affect system processes.
  • Limit access. Consider changing the default port (TCP 3389) and using virtual networking, VLANs, and similar measures to limit RDP access to critical systems. Block inbound RDP access from the internet, as it is far too risky to leave open.
  • Make sure systems that have RDP enabled use network-level authentication with complex passwords and that all activity is monitored closely.
  • Monitor endpoints. Make sure you have visibility on your network and you know who is connected to what. This is especially true for inbound connections from hosts on the internet.
  • If you have a requirement for remote desktop access from outside your network, consider using a commercial product with encryption and more advanced user account options.
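
The monitoring advice above can be applied to Windows Security log events for logons. The following Python code is an added example, not part of the scanner described on this page: it flags source addresses with bursts of failed RDP logons and successful RDP logons from outside the network. The event tuple layout, the internal address ranges, the threshold and the finding names are assumptions, and the sample events are constructed.

```python
from collections import defaultdict
from datetime import datetime, timedelta
from ipaddress import ip_address, ip_network

FAILED, SUCCESS = 4625, 4624  # Windows Security log: failed / successful logon
# Assumed internal address space; replace with your own ranges.
INTERNAL_NETS = [ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample: (timestamp, event id, logon type, source IP)
SAMPLE_EVENTS = [
    ("2024-01-10T02:00:01", 4625, 3, "203.0.113.50"),
    ("2024-01-10T02:00:05", 4625, 3, "203.0.113.50"),
    ("2024-01-10T02:00:09", 4625, 3, "203.0.113.50"),
    ("2024-01-10T02:00:14", 4625, 3, "203.0.113.50"),
    ("2024-01-10T02:00:20", 4625, 3, "203.0.113.50"),
    ("2024-01-10T02:00:26", 4625, 3, "203.0.113.50"),
    ("2024-01-10T02:01:02", 4624, 10, "203.0.113.50"),
    ("2024-01-10T08:15:00", 4625, 10, "10.0.5.20"),
    ("2024-01-10T08:15:20", 4625, 10, "10.0.5.20"),
    ("2024-01-10T08:15:41", 4624, 10, "10.0.5.20"),
    ("2024-01-10T09:30:00", 4624, 10, "198.51.100.7"),
]

def is_external(src):
    """True when the source address is outside the assumed internal ranges."""
    addr = ip_address(src)
    return not any(addr in net for net in INTERNAL_NETS)

def analyze(events, threshold=5, window=timedelta(minutes=5)):
    """Return {source IP: set of findings} for RDP-related logon events."""
    findings = defaultdict(set)
    failures = defaultdict(list)  # source IP -> failure times inside the window
    for ts, event_id, logon_type, src in sorted(events):
        when = datetime.fromisoformat(ts)
        # Failed RDP logons show up as type 10 (RemoteInteractive) or, with
        # network-level authentication, commonly as type 3 (Network).
        if event_id == FAILED and logon_type in (3, 10):
            failures[src] = [t for t in failures[src] if when - t <= window] + [when]
            if len(failures[src]) >= threshold:
                findings[src].add("brute_force")
        # A completed interactive RDP session is logged as type 10.
        elif event_id == SUCCESS and logon_type == 10:
            if is_external(src):
                findings[src].add("external_logon")
            if "brute_force" in findings.get(src, ()):
                findings[src].add("logon_after_brute_force")
    return dict(findings)

if __name__ == "__main__":
    for src, tags in sorted(analyze(SAMPLE_EVENTS).items()):
        print(src, sorted(tags))
```

A source tagged with both brute_force and logon_after_brute_force is the case to investigate first, since a successful session followed a burst of failures from the same address.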

