[HOW-TO] Security RDP Win10 LAN Only

Discussion in 'Windows 10' started by LFDDatMyDigitalLife, Jul 25, 2018.

  1. LFDDatMyDigitalLife

    LFDDatMyDigitalLife MDL Novice

    Aug 19, 2010
    42
    5
    0
    #1 LFDDatMyDigitalLife, Jul 25, 2018
    Last edited: Jul 25, 2018
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  2. nechrist

    nechrist MDL Guide Pack

    Apr 24, 2010
    296
    144
    10
    If you don't open the rdp port on the router, you shouldn't have any problem. If you need to login from the outside, my advice is to setup a ssh server with public/private key authentication method.
     
  3. whitestar_999

    whitestar_999 MDL Senior Member

    Dec 9, 2011
    363
    141
    10
    Why such a setup,it will not help you from "real hacker attacks" & for run of the mill attacks there is no need to use this setup at all.

    It also seems that you are under the impression that win 10 Enterprise is something special security wise which it is not(at least running it in a home setup).If you really want to run a server inside a personal home network then better start learning linux as no windows will match its security if configured correctly.It will be an overkill though for a family network.

    I suggest simply installing some good security softwares on both pc & be done with it.You can check out wilders security forum,they have a ton of suggestions regarding security & privacy software & experienced members running enough security & privacy software to match some corporate networks.
     
  4. LFDDatMyDigitalLife

    LFDDatMyDigitalLife MDL Novice

    Aug 19, 2010
    42
    5
    0
    I chose that setup just because I had a spare machine already running Windows 10 Entreprise (my work place was ditching them) so I stuck with it.

    You sound like it would be highly unsecure to use that setup, why?
    My company was using them and I never heard of them having any problem. Of course they had security softwares and group/local policies that I don't have anymore.

    At first, it would only be available from LAN, so I guess closing the RDP port on the router should do it
     
    Stop hovering to collapse... Click to collapse... Hover to expand... Click to expand...
  5. whitestar_999

    whitestar_999 MDL Senior Member

    Dec 9, 2011
    363
    141
    10
    What I meant to say that such a setup won't stand against a dedicated hacking attack(the kind used against corporate networks for stealing info) & for your usual bot attacks there is no need for this specific setup.

    There is also a limit to how much you can lock down a system running win 10 Enterprise in a home network.Corporate networks have servers,hardware firewalls & MS subscription of their cloud AI defender backend.

    My point is why unnecessarily complicate things when you can simply run both systems on win 10 pro(or ltsb if you don't like metro stuff & automatic updates without doing a lots of tweaks) & install some 2-3 good security softwares on each system(mainly an AV,a firewall,a behavior blocker).No need for RDP & the inevitable issues associated with it that comes with each windows update.
     
  6. atgpud2003

    atgpud2003 MDL Member

    Apr 30, 2015
    235
    29
    10
    Use VPN setup..
     
  7. nechrist

    nechrist MDL Guide Pack

    Apr 24, 2010
    296
    144
    10
  8. whitestar_999

    whitestar_999 MDL Senior Member

    Dec 9, 2011
    363
    141
    10
    I personally only use AV but each system is unique in terms of hardware/software/settings combination so one has to try many AVs to see which works best in terms of protection & performance.

    Now for firewall & behaviour blocker many people swear by comodo firewall provided you can configure it correctly which as one can assume is not a simple task.There are some veteran members on wilders forum though willing to share their "hardened mode config for CF".

    For extra protection you can also try hitman pro,novirusthanks os armour,k9 web security,shadow defender,sandboxie etc(too many to list).Do note that you have to spend considerable time & money(many of them are paid) to setup everything correctly & working to your liking.Personally I think it is over the top for a simple home user doing the usual daily stuff.For me safe browsing practices coupled with a good AV & updated windows is good enough.