A Windows XP help forum. PCbanter

If this is your first visit, be sure to check out the FAQ by clicking the link above. You may have to register before you can post: click the register link above to proceed. To start viewing messages, select the forum that you want to visit from the selection below.

Go Back   Home » PCbanter forum » Microsoft Windows 7 » Windows 7 Forum
Site Map Home Register Authors List Search Today's Posts Mark Forums Read Web Partners

remote desktop replacement?



 
 
Thread Tools Rate Thread Display Modes
  #16  
Old February 10th 17, 04:17 AM posted to alt.windows7.general
B00ze
external usenet poster
 
Posts: 472
Default remote desktop replacement?

On 2017-02-09 20:07, T wrote:

On 02/08/2017 06:15 PM, B00ze wrote:
You've given-up on disabling TLS 1.0 on RDP?


About one micro inch away:

https://social.technet.microsoft.com...&prof=required

I am getting ready to install Open VPN


Lol, I see you at the bottom of the thread. They don't mention if they
upgraded RDP to RDP-8.x however; I seem to recall you needed to do this
before disabling TLS 1.0? It involves:

RDP81 -

KB2592687 RDP 8.0 Update for Windows 7 for x64-based Systems
KB2830477 Remote Desktop Connection (RDC) 8.1 client update - Breaks
VirtualPC?

And then -

1. KB2984976
2. KB3020388
2. KB3126446
3. KB3075226
3. KB2923545

Anyway this is what I have in my notes, but I haven't tested disabling
TLS 1.0 and then trying RDP - I'm @ home not in a store ;-)

Best Regards,

--
! _\|/_ Sylvain /
! (o o) Memberavid-Suzuki-Fdn/EFF/Red+Cross/SPCA/Planetary-Society
oO-( )-Oo Computer, delete WESLEY.EXE -Entire Enterprise crew

Ads
  #17  
Old February 10th 17, 04:30 AM posted to alt.windows7.general
T
external usenet poster
 
Posts: 4,600
Default remote desktop replacement?

On 02/09/2017 07:17 PM, B00ze wrote:
On 2017-02-09 20:07, T wrote:

On 02/08/2017 06:15 PM, B00ze wrote:
You've given-up on disabling TLS 1.0 on RDP?


About one micro inch away:

https://social.technet.microsoft.com...&prof=required


I am getting ready to install Open VPN


Lol, I see you at the bottom of the thread. They don't mention if they
upgraded RDP to RDP-8.x however; I seem to recall you needed to do this
before disabling TLS 1.0? It involves:

RDP81 -

KB2592687 RDP 8.0 Update for Windows 7 for x64-based Systems
KB2830477 Remote Desktop Connection (RDC) 8.1 client update -
Breaks VirtualPC?

And then -

1. KB2984976
2. KB3020388
2. KB3126446
3. KB3075226
3. KB2923545

Anyway this is what I have in my notes, but I haven't tested disabling
TLS 1.0 and then trying RDP - I'm @ home not in a store ;-)

Best Regards,


Hi B00ze,

If you disable 3DES, Remote Desktop stops working. 3DES (SUGAR32)
haunts TLS 1.0, 1.1, and 1.2. See below.

I can't win. :'(

-T


nmap -p xxxx -Pn --script +ssl-enum-ciphers aaa.bbb.ccc.ddd --script
ssl-cert

Starting Nmap 7.40 ( https://nmap.org ) at 2017-02-07 00:02 PST
Nmap scan report for mail.redacted.com (aaa.bbb.ccc.ddd)
Host is up (0.060s latency).
PORT STATE SERVICE
xxxx/tcp open yyyyy
| ssl-enum-ciphers:
| TLSv1.0:
| ciphers:
| *TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C *
| compressors:
| NULL
| cipher preference: indeterminate
| cipher preference error: Too few ciphers supported
| warnings:
| *64-bit block cipher 3DES vulnerable to SWEET32 attack*
| Weak certificate signatu SHA1
| TLSv1.1:
| ciphers:
| *TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C*
| compressors:
| NULL
| cipher preference: indeterminate
| cipher preference error: Too few ciphers supported
| warnings:
| *64-bit block cipher 3DES vulnerable to SWEET32 attack*
| Weak certificate signatu SHA1
| TLSv1.2:
| ciphers:
| TLS_RSA_WITH_3DES_EDE_CBC_SHA (rsa 2048) - C
| compressors:
| NULL
| cipher preference: indeterminate
| cipher preference error: Too few ciphers supported
| warnings:
| *64-bit block cipher 3DES vulnerable to SWEET32 attack*
| Weak certificate signatu SHA1
|_ least strength: C

Nmap done: 1 IP address (1 host up) scanned in 2.44 seconds
  #18  
Old February 11th 17, 04:49 AM posted to alt.windows7.general
B00ze
external usenet poster
 
Posts: 472
Default remote desktop replacement?

On 2017-02-09 22:30, T wrote:

Hi B00ze,

If you disable 3DES, Remote Desktop stops working. 3DES (SUGAR32)
haunts TLS 1.0, 1.1, and 1.2. See below.

I can't win. :'(


Ohhhhhh, I see now (your log) - Darn this is a real bummer! Well @ least
with a VPN you will then be allowed to use RDP, instead of using a 3rd
party thing like TeamViewer which is expensive and has some issues.
Never tried to setup plain OpenVPN (altho I used to run plain Tor,
before it became a browser, and it was pretty easy to setup) - I use a
paid VPN that comes with a nice UI sitting above OpenVPN; keeps things
simple. Good luck!

Best Regards,

--
! _\|/_ Sylvain /
! (o o) Memberavid-Suzuki-Fdn/EFF/Red+Cross/SPCA/Planetary-Society
oO-( )-Oo How do you tell when you run out of invisible ink?

  #19  
Old February 11th 17, 05:52 AM posted to alt.windows7.general
T
external usenet poster
 
Posts: 4,600
Default remote desktop replacement?

On 02/10/2017 07:49 PM, B00ze wrote:
On 2017-02-09 22:30, T wrote:

Hi B00ze,

If you disable 3DES, Remote Desktop stops working. 3DES (SUGAR32)
haunts TLS 1.0, 1.1, and 1.2. See below.

I can't win. :'(


Ohhhhhh, I see now (your log) - Darn this is a real bummer! Well @ least
with a VPN you will then be allowed to use RDP, instead of using a 3rd
party thing like TeamViewer which is expensive and has some issues.
Never tried to setup plain OpenVPN (altho I used to run plain Tor,
before it became a browser, and it was pretty easy to setup) - I use a
paid VPN that comes with a nice UI sitting above OpenVPN; keeps things
simple. Good luck!

Best Regards,


I finally figure out how harden rdp. I posted my solution in the
original thread.

editorial comment AAAAAAAAAHHHHHHH!!!!!!!!!! /editorial comment
 




Thread Tools
Display Modes Rate This Thread
Rate This Thread:

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

vB code is On
Smilies are On
[IMG] code is On
HTML code is Off






All times are GMT +1. The time now is 10:31 AM.


Powered by vBulletin® Version 3.6.4
Copyright ©2000 - 2024, Jelsoft Enterprises Ltd.
Copyright ©2004-2024 PCbanter.
The comments are property of their posters.