Why would anyone use a work computer connected to Activate Directory that can load proxy security certificates. Sophos blocking access is the least of the concerns. For the life of me I'll never understand why.people do personal stuff on company equipment, us Net Admins can view all the traffic in plain text. Logins, passwords, and GET and PUSH. Sigh....
Yes and no actually, but I doubt anyone would go far enough to worry with it. If you're employer allows port 3389 connections on publicly routable IP Addresses I wouldn't worry to much about anything their security is mid-tier at best. It's normally secured by adding a whitelist of IP Addresses for this protocol, so most home IPs are going to be blocked. Yes you could change the port but still same protocol. The main thing is the key being used to establish encryption for the session, again company proxy. In theory if I wanted to recompile the session from proxy records it's possible to see key strokes. I have not tested it since the big security update they pushed out, mainly I don't care. By I'm sure the possibility still exists. Feel free to setup Burp Proxy and test it over a Switch and check it for yourself.
They're UDP coded and they changed the internal encryption inside the packets -- I couldn't not look it up after I stated that. So yeah as along as you can get out of their network undetected you're good. I'll give you the '.win' on that one sir, this pede will concede... Only because you you didn't cheat to win.... But still RDP exposed on the public internet - yeah okay I've done it before on a VM inside the DMZ for remote access only. So again you win on that too....
Why would anyone use a work computer connected to Activate Directory that can load proxy security certificates. Sophos blocking access is the least of the concerns. For the life of me I'll never understand why.people do personal stuff on company equipment, us Net Admins can view all the traffic in plain text. Logins, passwords, and GET and PUSH. Sigh....
I limit my personal use on my work laptop to checking the weather
Not if I connect to my home PC over an RDP tunnel you can't. Care to try again?
Yes and no actually, but I doubt anyone would go far enough to worry with it. If you're employer allows port 3389 connections on publicly routable IP Addresses I wouldn't worry to much about anything their security is mid-tier at best. It's normally secured by adding a whitelist of IP Addresses for this protocol, so most home IPs are going to be blocked. Yes you could change the port but still same protocol. The main thing is the key being used to establish encryption for the session, again company proxy. In theory if I wanted to recompile the session from proxy records it's possible to see key strokes. I have not tested it since the big security update they pushed out, mainly I don't care. By I'm sure the possibility still exists. Feel free to setup Burp Proxy and test it over a Switch and check it for yourself.
I don't have an employer, that's not how it works.
I can usually connect over RDP and they can't view my traffic in plain text.
They're UDP coded and they changed the internal encryption inside the packets -- I couldn't not look it up after I stated that. So yeah as along as you can get out of their network undetected you're good. I'll give you the '.win' on that one sir, this pede will concede... Only because you you didn't cheat to win.... But still RDP exposed on the public internet - yeah okay I've done it before on a VM inside the DMZ for remote access only. So again you win on that too....
You won’t on my network.
You can block the port, but I can still connect to my home PC. I can connect over my iphone if you block port 3389.
Yep...But muh farmville.