RE: [Exchange] Exchange CAS RDP open

Thu, 11 Aug 2016 07:55:23 -0700 

They are not, I was shocked that RDP was open without any pre-auth in place
I have warned them about drive-by RDP crypto attacks.
So it looks like the DR assessment  will be spawning a security assessment as 
well.

  

Jean-Paul Natola

 


From: asbz...@gmail.com
To: exchange@lists.myitforum.com
Subject: Re: [Exchange] Exchange CAS RDP open
Date: Thu, 11 Aug 2016 14:32:59 +0000






  
    
    
    
    
    
    
    
    

    

  

  

    

    
    
    

    
      
        

          
            It seems like it's not just Exchange CAS that they are allowing 
external RDP to…
Regards,


 ASB 

 http://XeeMe.com/AndrewBaker  Providing Expert Technology
Consulting Services for the SMB market…  GPG: 1AF3 EEC3 7C3C E88E B0EF 4319 
8F28 A483 A182 EF3A



          
        
      
    

    

  

  
    

    
      On Thu, Aug 11, 2016 9:35 AM, J- P  jnat...@hotmail.com
 wrote:

      
        
        literally one number off, they said to RDP in   use this IP (On a 
separate note that was my first clue things were amiss when the new admin said 
"we  don't use names to connect in we use IP's')So let's say the RDP  address 
was 67.250.48.168 ,  their mail server was one digit off i.e. 67.250.48.167


From: rich...@gmail.com
Date: Wed, 10 Aug 2016 21:01:16 -0400
Subject: Re: [Exchange] Exchange CAS RDP open
To: exchange@lists.myitforum.com

I'm curious how you mistyped the connection info.  Can you provide sanitized 
versions of what you entered into the RDP client?
On Wed, Aug 10, 2016 at 8:29 PM, J- P <jnat...@hotmail.com> wrote:



its  wide open  via IP/URL  , you can literally open rdp , type in the ip and 
connect

  



 


From: mich...@smithcons.com
To: exchange@lists.myitforum.com
Subject: RE: [Exchange] Exchange CAS RDP open
Date: Thu, 11 Aug 2016 00:13:24 +0000









Those are really 2 very different questions.

 

I would absolutely have RDP open locally (i.e., in the datacenter). How else 
will you maintain the server in case of problems?

 

Remotely – no. Likely not. Except for administrative access via VPNs that can 
access the servers in the datacenter.

 



From: listsad...@lists.myitforum.com [mailto:listsad...@lists.myitforum.com]
On Behalf Of J- P

Sent: Wednesday, August 10, 2016 7:33 PM

To: Exchange List

Subject: [Exchange] Exchange CAS RDP open



 



Hi all,



 



Despite having worked with Exchange since 2003 through 2013,  I  have always 
worked in  single server Exchange deployments,. Recently I was at a site where 
I was tasked with reviewing the
 DR strategy. While doing the assessment I inadvertently RDP'd into  the CAS 
server (typo in the ip), the question I have , is there ANY reason whatsoever 
RDP  would be enabled on a CAS server, and even more to the point, any reason 
it should be open through
 the firewall???





TIA



 



jp

Reply via email to