Yes and no actually, but I doubt anyone would go far enough to worry with it. If you're employer allows port 3389 connections on publicly routable IP Addresses I wouldn't worry to much about anything their security is mid-tier at best. It's normally secured by adding a whitelist of IP Addresses for this protocol, so most home IPs are going to be blocked. Yes you could change the port but still same protocol. The main thing is the key being used to establish encryption for the session, again company proxy. In theory if I wanted to recompile the session from proxy records it's possible to see key strokes. I have not tested it since the big security update they pushed out, mainly I don't care. By I'm sure the possibility still exists. Feel free to setup Burp Proxy and test it over a Switch and check it for yourself.
They're UDP coded and they changed the internal encryption inside the packets -- I couldn't not look it up after I stated that. So yeah as along as you can get out of their network undetected you're good. I'll give you the '.win' on that one sir, this pede will concede... Only because you you didn't cheat to win.... But still RDP exposed on the public internet - yeah okay I've done it before on a VM inside the DMZ for remote access only. So again you win on that too....
Well, I mean, it's not like I'm a computer genius...it's just necessity. I'm on a client site, with my own laptop, and periodically need to access the data on my home server. So, I can RDP into my home server, copy any documents I need and either email them to myself, or FTP them. If I can't access my home server, I'm hosed.
Yes and no actually, but I doubt anyone would go far enough to worry with it. If you're employer allows port 3389 connections on publicly routable IP Addresses I wouldn't worry to much about anything their security is mid-tier at best. It's normally secured by adding a whitelist of IP Addresses for this protocol, so most home IPs are going to be blocked. Yes you could change the port but still same protocol. The main thing is the key being used to establish encryption for the session, again company proxy. In theory if I wanted to recompile the session from proxy records it's possible to see key strokes. I have not tested it since the big security update they pushed out, mainly I don't care. By I'm sure the possibility still exists. Feel free to setup Burp Proxy and test it over a Switch and check it for yourself.
I don't have an employer, that's not how it works.
I can usually connect over RDP and they can't view my traffic in plain text.
They're UDP coded and they changed the internal encryption inside the packets -- I couldn't not look it up after I stated that. So yeah as along as you can get out of their network undetected you're good. I'll give you the '.win' on that one sir, this pede will concede... Only because you you didn't cheat to win.... But still RDP exposed on the public internet - yeah okay I've done it before on a VM inside the DMZ for remote access only. So again you win on that too....
Well, I mean, it's not like I'm a computer genius...it's just necessity. I'm on a client site, with my own laptop, and periodically need to access the data on my home server. So, I can RDP into my home server, copy any documents I need and either email them to myself, or FTP them. If I can't access my home server, I'm hosed.