Securing RDP (Cover Home and Domain Networks) [Windows]
Securing RDP (Cover Home and Domain Networks) [Windows]
I (tobor), demonstrate how to set up Remote Access using RDP. The first few minutes I cover what can be done for Home/Small business networks on a client device. After that I cover what can be done in a Domain environment.
NOTE: This video is about internal RDP communication only and does not cover the set up of an RDP Gateway, IPSec tunnel, or SSH tunnel to allow Remote Access traveling from outside to inside a private network. If you like what you see please Subscribe!
RDP CERTIFICATE EXTENSIONS VALUE: 1.3.6.1.4.1.311.54.1.2
DISABLING RDP ON CLIENT ONLY
# 1= Disabled and 0 = Enabled
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 1
Disable-NetFirewallRule -DisplayGroup “Remote Desktop”
# ENABLE RDP ON CLIENT AND ENABLE FIREWALL RULE
$TSSetting = Get-CimInstance -Namespace root/cimv2/TerminalServices -ClassName Win32_TerminalServiceSetting
$TSGeneralSetting = Get-CimInstance -Namespace root/cimv2/TerminalServices -ClassName Win32_TSGeneralSetting
$TSSetting | Invoke-CimMethod -MethodName SetAllowTSConnections -Arguments @{AllowTSConnections=1;ModifyFirewallException=1}
$TSGeneralSetting | Invoke-CimMethod -MethodName SetUserAuthenticationRequired -Arguments @{UserAuthenticationRequired=1}
# ENABLE NETWORK LEVEL AUTHENTICATION (NLA)
$NLA = Get-CimInstance -ClassName Win32_TSGeneralSetting -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'"
$NLA | Invoke-CimMethod -MethodName SetUserAuthenticationRequired -Arguments @{ UserAuthenticationRequired = $True }
# MANUALLY ASSIGN CERT TO RDP PORT
wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="$SHA1Hash"
0:00 Intro Summary
0:32 How to Disable the use of RDP Remote Access
1:22 Disable Remote Assistance when RDP is enabled
2:22 Set the Remote Desktop Firewall Rules
3:38 Add allowed users for RDP Remote Access
4:13 PowerShell CIM commands to enable Remote Access
5:23 Configure RDP securely in a Domain intro
5:52 Create Certifciate Template for RDP
8:26 Import Certificate Template to issue
9:01 Create Group Policy for Network Level Authentication (NLA)
10:41 Certificates being auto-enrolled and CA should be trusted
11:51 Group policy update to push out your newly created RDP Certificate
12:34 Create Group Policy for configuring Remote Access
13:06 System/Service GPO Settings
13:28 System/Remote Assistance GPO Settings
14:17 Windows Components/Remote Desktop Services GPO Settings
18:32 Firewall GPO Settings
21:41 Manually Assign your GPO assigned Remote Desktop Certificate
22:33 Packet Capture Showing TLS 1.2 is used for RDP Connections
23:59 Thanks for watching! Subscribe if you like what you see
View my Verified Certifications!
https://www.credly.com/users/roberthosborne/badges
Follow us on GitHub!
https://github.com/tobor88
https://github.com/OsbornePro
Official Site
https://osbornepro.com/
Give Respect on HackTheBox!
https://www.hackthebox.eu/profile/52286
Like us on Facebook!
https://www.facebook.com/osborneprollc
View PS Gallery Modules!
https://www.powershellgallery.com/profiles/tobor
The B.T.P.S. Security Package
https://btpssecpack.osbornepro.com/
Видео Securing RDP (Cover Home and Domain Networks) [Windows] канала OsbornePro TV
I (tobor), demonstrate how to set up Remote Access using RDP. The first few minutes I cover what can be done for Home/Small business networks on a client device. After that I cover what can be done in a Domain environment.
NOTE: This video is about internal RDP communication only and does not cover the set up of an RDP Gateway, IPSec tunnel, or SSH tunnel to allow Remote Access traveling from outside to inside a private network. If you like what you see please Subscribe!
RDP CERTIFICATE EXTENSIONS VALUE: 1.3.6.1.4.1.311.54.1.2
DISABLING RDP ON CLIENT ONLY
# 1= Disabled and 0 = Enabled
Set-ItemProperty -Path 'HKLM:\System\CurrentControlSet\Control\Terminal Server'-name "fDenyTSConnections" -Value 1
Disable-NetFirewallRule -DisplayGroup “Remote Desktop”
# ENABLE RDP ON CLIENT AND ENABLE FIREWALL RULE
$TSSetting = Get-CimInstance -Namespace root/cimv2/TerminalServices -ClassName Win32_TerminalServiceSetting
$TSGeneralSetting = Get-CimInstance -Namespace root/cimv2/TerminalServices -ClassName Win32_TSGeneralSetting
$TSSetting | Invoke-CimMethod -MethodName SetAllowTSConnections -Arguments @{AllowTSConnections=1;ModifyFirewallException=1}
$TSGeneralSetting | Invoke-CimMethod -MethodName SetUserAuthenticationRequired -Arguments @{UserAuthenticationRequired=1}
# ENABLE NETWORK LEVEL AUTHENTICATION (NLA)
$NLA = Get-CimInstance -ClassName Win32_TSGeneralSetting -Namespace root\cimv2\terminalservices -Filter "TerminalName='RDP-tcp'"
$NLA | Invoke-CimMethod -MethodName SetUserAuthenticationRequired -Arguments @{ UserAuthenticationRequired = $True }
# MANUALLY ASSIGN CERT TO RDP PORT
wmic /namespace:\\root\cimv2\TerminalServices PATH Win32_TSGeneralSetting Set SSLCertificateSHA1Hash="$SHA1Hash"
0:00 Intro Summary
0:32 How to Disable the use of RDP Remote Access
1:22 Disable Remote Assistance when RDP is enabled
2:22 Set the Remote Desktop Firewall Rules
3:38 Add allowed users for RDP Remote Access
4:13 PowerShell CIM commands to enable Remote Access
5:23 Configure RDP securely in a Domain intro
5:52 Create Certifciate Template for RDP
8:26 Import Certificate Template to issue
9:01 Create Group Policy for Network Level Authentication (NLA)
10:41 Certificates being auto-enrolled and CA should be trusted
11:51 Group policy update to push out your newly created RDP Certificate
12:34 Create Group Policy for configuring Remote Access
13:06 System/Service GPO Settings
13:28 System/Remote Assistance GPO Settings
14:17 Windows Components/Remote Desktop Services GPO Settings
18:32 Firewall GPO Settings
21:41 Manually Assign your GPO assigned Remote Desktop Certificate
22:33 Packet Capture Showing TLS 1.2 is used for RDP Connections
23:59 Thanks for watching! Subscribe if you like what you see
View my Verified Certifications!
https://www.credly.com/users/roberthosborne/badges
Follow us on GitHub!
https://github.com/tobor88
https://github.com/OsbornePro
Official Site
https://osbornepro.com/
Give Respect on HackTheBox!
https://www.hackthebox.eu/profile/52286
Like us on Facebook!
https://www.facebook.com/osborneprollc
View PS Gallery Modules!
https://www.powershellgallery.com/profiles/tobor
The B.T.P.S. Security Package
https://btpssecpack.osbornepro.com/
Видео Securing RDP (Cover Home and Domain Networks) [Windows] канала OsbornePro TV
Показать
Комментарии отсутствуют
Информация о видео
Другие видео канала
How to Install Duo Two-Factor Authentication for Microsoft RDP and Windows Logon
Whats The Difference Between Remote Desktop and Remote Assistance?
Desktop and RDP Session Hijacking (Lateral Movement)
How to Secure RDP Sessions || How to Open Server ports || How to Add accounts to a server
Breaking RDP passwords with Hydra - How to stay more secure![Securing Files with EFS (Encrypting File System) [Windows Environment]](https://i.ytimg.com/vi/pSxSByxT25k/default.jpg)
Securing Files with EFS (Encrypting File System) [Windows Environment]![Securing RADIUS with EAP-TLS [Windows Server 2019]](https://i.ytimg.com/vi/SgAjEuCAFzE/default.jpg)
Securing RADIUS with EAP-TLS [Windows Server 2019]
Server 2019 VPN Installation and configuration![Securing LDAP over SSL Safely [Windows Server 2019]](https://i.ytimg.com/vi/8rlk2xDkgLw/default.jpg)
Securing LDAP over SSL Safely [Windows Server 2019]![Securing the Local Admin Account (LAPS Password Manger) [Windows Server 2019]](https://i.ytimg.com/vi/rxqxTrt9EMU/default.jpg)
Securing the Local Admin Account (LAPS Password Manger) [Windows Server 2019]
Big Jump In Remote Desktop Attacks?! Watch How Hackers Do It And Protect Your Computers Now!
RDP error - "The identity of the remote computer cannot be verified. Do you want to connect anyway"
OTP Authentication at the Windows Desktop with privacyIDEA Credential Provider
Remote Desktop Protocol (RDP) using an SSL VPN
VPN vs. Tor vs. RDP - What's the Difference?
Intro to Duo![WMI - Windows Management Instrumentation - [#12] PowerShell for IT Professionals](https://i.ytimg.com/vi/_NadlLhLldY/default.jpg)
WMI - Windows Management Instrumentation - [#12] PowerShell for IT Professionals
How to secure your Windows Remote Desktop RDP or Terminal Server | RDP two factor authentication![Forgot Admin Password (Windows) [PassFab 4WinKey]](https://i.ytimg.com/vi/Uxs-6bDPj4c/default.jpg)
Forgot Admin Password (Windows) [PassFab 4WinKey]
Developer Tools Screencast 7: ConEmu