Comment on Windows RDP lets you log in using revoked passwords. Microsoft is OK with that. - Ars Technica
the_crotch@sh.itjust.works 3 days ago
hide your RDP server behind some VPN
Anyone who isn’t doing this already is dumb. Same goes for exposing ssh publicly. I don’t care that you’re using a cert to log in; if there’s a 0 day in the openssh server you’re boned.
maxwellfire@lemmy.world 3 days ago
If there’s a 0 day in the VPN software then I’m also probably boned. The chances of that seem on par with the likelihood of an openssh vulnerability? I feel like vpns are useful to secure services without good authentication, but their use in front of an openssh server has never made much sense to me.
the_crotch@sh.itjust.works 3 days ago
Hypothetically, assuming you have the vpn range locked down reasonably well, they would have to breach the vpn and then also breach the other services once they’re on your network.