{"id":60,"date":"2018-01-21T08:06:42","date_gmt":"2018-01-21T08:06:42","guid":{"rendered":"http:\/\/107.181.191.134\/?p=45"},"modified":"2018-01-21T08:06:42","modified_gmt":"2018-01-21T08:06:42","slug":"best-practices-for-remotely-accessing-servers-for-a-small-business","status":"publish","type":"post","link":"https:\/\/certcent.io\/index.php\/2018\/01\/21\/best-practices-for-remotely-accessing-servers-for-a-small-business\/","title":{"rendered":"Best practices for remotely accessing servers for a small business."},"content":{"rendered":"<p>The most common tasks a Windows administrator has is to remotely access their server.  This is simplified by Microsoft providing a couple RDP licenses.  It&#8217;s so easy, but can just as easily open up vulnerabilities to your entire network.  Here are a few things to consider: <\/p>\n<li> There are automated systems always scanning for port 3389, you can expect your system to receive between 10 ever minute.<\/li>\n<li> Leaving the administrator account enabled means that this automated services already know half of the equation <\/li>\n<li> Firewalls and Anti-Virus systems will not protect against leaving these known ports and usernames defaulted <\/li>\n<p>\nOkay, now that we know the reasons why, here are easy ways to circumvent default ports and usernames:<\/p>\n<li> Disable the administrator account, this is commonly documented as the first thing to do as a Windows administrator.  If you decide to make these changes after your network has been online for a while, please make sure you cover dependencies, you might have services that are using this account, so be cognitive of of broken services. <\/li>\n<li> Create a NAT policy to forward port 9998 to port 3389.  This will immediately impact these probes and locked down your server.  While a port scan will reveal port 9998, the automated probes will not hit your server anymore. <\/li>\n","protected":false},"excerpt":{"rendered":"<p>The most common tasks a Windows administrator has is to remotely access their server. This is simplified by Microsoft providing a couple RDP licenses. It&#8217;s so easy, but can just as easily open up vulnerabilities to your entire network. Here are a few things to consider: There are automated systems always scanning for port 3389,&hellip; <a class=\"more-link\" href=\"https:\/\/certcent.io\/index.php\/2018\/01\/21\/best-practices-for-remotely-accessing-servers-for-a-small-business\/\">Continue reading <span class=\"screen-reader-text\">Best practices for remotely accessing servers for a small business.<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[1],"tags":[],"_links":{"self":[{"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/posts\/60"}],"collection":[{"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/comments?post=60"}],"version-history":[{"count":0,"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/posts\/60\/revisions"}],"wp:attachment":[{"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/media?parent=60"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/categories?post=60"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/certcent.io\/index.php\/wp-json\/wp\/v2\/tags?post=60"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}