七道奇

rdp-sec-check: RDP security checking tool [Security Tools]

Software language: Simplified Chinese
Software type: Security software - Security tools
License: Free
Official homepage: www.233122.com
Archive password: www.xiamiku.com
File size: 5.00 MB
Updated: 2012-11-17 19:59:00

Introduction to rdp-sec-check, the RDP security checking tool [Security Tools]




  

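rdp-sec-check is a tool for checking whether certain security features of a remote RDP service (AKA Terminal Services) are enabled. It requires no authentication, only network connectivity to TCP port 3389.

It can determine many (but not all) of the security settings found on the RDP-Tcp Properties | General tab:

    * Check which security layers the service supports: Standard RDP Security, TLSv1.0, CredSSP

    * Detect which RDP Security encryption levels are supported: 40-bit, 56-bit, 128-bit, FIPS

The following potential security issues are flagged if present:

    * The service supports Standard RDP Security, which is vulnerable to man-in-the-middle attacks.

    * The service supports weak encryption (40-bit or 56-bit).

    * The service does not require Network Level Authentication (NLA). NLA can help prevent certain types of denial-of-service attacks.

    * The service supports FIPS encryption but does not mandate it.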
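
How a security-layer check can work without authentication, as an added example that is not rdp-sec-check's own code: it builds the X.224 Connection Request carrying an RDP_NEG_REQ as laid out in MS-RDPBCGR and classifies the server's reply into the three outcomes that appear in the sample outputs on this page. The function names, the `probe` helper and the sample reply bytes are assumptions constructed for illustration.

```python
import socket
import struct

# selectedProtocol / failureCode values per MS-RDPBCGR (not from the tool).
PROTOCOL_RDP, PROTOCOL_SSL, PROTOCOL_HYBRID = 0x0, 0x1, 0x2
SELECTED = {0: "PROTOCOL_RDP", 1: "PROTOCOL_SSL", 2: "PROTOCOL_HYBRID"}
FAILURES = {1: "SSL_REQUIRED_BY_SERVER", 2: "SSL_NOT_ALLOWED_BY_SERVER",
            3: "SSL_CERT_NOT_ON_SERVER", 4: "INCONSISTENT_FLAGS",
            5: "HYBRID_REQUIRED_BY_SERVER",
            6: "SSL_WITH_USER_AUTH_REQUIRED_BY_SERVER"}


def build_connection_request(requested):
    """Return TPKT + X.224 Connection Request carrying an RDP_NEG_REQ."""
    neg_req = struct.pack("<BBHI", 0x01, 0x00, 8, requested)
    # X.224 CR header: length indicator, code 0xE0, dst-ref, src-ref, class.
    x224 = struct.pack(">BBHHB", 6 + len(neg_req), 0xE0, 0, 0, 0) + neg_req
    return struct.pack(">BBH", 3, 0, 4 + len(x224)) + x224


def classify_response(data):
    """Map a server reply to (outcome, detail); no credentials are involved."""
    if len(data) < 11 or data[0] != 3 or (data[5] & 0xF0) != 0xD0:
        return ("error", "not an X.224 Connection Confirm")
    payload = data[11:]  # skip TPKT (4 bytes) and X.224 CC header (7 bytes)
    if len(payload) < 8:
        # Servers that predate negotiation confirm without an RDP_NEG_* block.
        return ("ignored", "negotiation ignored")
    msg_type, _flags, _length, value = struct.unpack("<BBHI", payload[:8])
    if msg_type == 0x02:  # RDP_NEG_RSP
        return ("supported", SELECTED.get(value, hex(value)))
    if msg_type == 0x03:  # RDP_NEG_FAILURE
        return ("not supported", FAILURES.get(value, hex(value)))
    return ("error", "unexpected negotiation type 0x%02x" % msg_type)


def probe(host, requested, port=3389, timeout=5.0):
    """Send one request to an RDP listener and classify the reply."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        sock.sendall(build_connection_request(requested))
        return classify_response(sock.recv(1024))


# Constructed replies (not captured traffic), one per outcome.
SAMPLE_REPLIES = {
    "legacy": bytes.fromhex("0300000b06d00000123400"),
    "nla_required": bytes.fromhex("030000130ed000001234000300080005000000"),
    "nla_ok": bytes.fromhex("030000130ed00000123400021f080002000000"),
}
```

A client asking for CredSSP sets both flags, `PROTOCOL_SSL | PROTOCOL_HYBRID`; a reply of `HYBRID_REQUIRED_BY_SERVER` to a plain `PROTOCOL_RDP` request is the NLA-enforced result shown in output example #4.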


Dependencies

    rdp-sec-check is a simple Perl script that requires one module from CPAN. Run 'cpan' as root, then install the Encoding::BER module:


    # cpan

     cpan[1]> install Encoding::BER

Output Example #1: An old Windows 2000 RDP Service


$ rdp-sec-check.pl 10.0.0.94

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:34:38 2012

Target:    10.0.0.94

IP:        10.0.0.94

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Negotiation ignored - old Windows 2000/XP/2003 system??

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Not supported

[+] Summary of protocol support

[-] 10.0.0.94:3389 supports PROTOCOL_RDP   : TRUE

[-] 10.0.0.94:3389 supports PROTOCOL_HYBRID: FALSE

[-] 10.0.0.94:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.94:3389 has encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_128BIT : FALSE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_56BIT  : TRUE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_FIPS   : FALSE

[+] Summary of security issues

[-] 10.0.0.94:3389 has issue NLA_NOT_SUPPORTED_DOS

[-] 10.0.0.94:3389 has issue ONLY_RDP_SUPPORTED_MITM

[-] 10.0.0.94:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED

rdp-sec-check v0.8-beta completed at Mon Jul  9 13:34:39 2012

Output Example #2: A Windows 2003 SP0 RDP Service


$ rdp-sec-check.pl 10.0.0.93

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:35:34 2012

Target:    10.0.0.93

IP:        10.0.0.93

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Negotiation ignored - old Windows 2000/XP/2003 system??

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[+] Summary of protocol support

[-] 10.0.0.93:3389 supports PROTOCOL_RDP   : TRUE

[-] 10.0.0.93:3389 supports PROTOCOL_HYBRID: FALSE

[-] 10.0.0.93:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.93:3389 has encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_128BIT : TRUE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_56BIT  : TRUE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_FIPS   : TRUE

[+] Summary of security issues

[-] 10.0.0.93:3389 has issue NLA_NOT_SUPPORTED_DOS

[-] 10.0.0.93:3389 has issue FIPS_SUPPORTED_BUT_NOT_MANDATED

[-] 10.0.0.93:3389 has issue ONLY_RDP_SUPPORTED_MITM

[-] 10.0.0.93:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED

Output Example #3: A typical Windows 2003 RDP Service

$ rdp-sec-check.pl 10.0.0.111

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:36:56 2012

Target:    10.0.0.111

IP:        10.0.0.111

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Supported

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Not supported - SSL_NOT_ALLOWED_BY_SERVER

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Not supported - SSL_NOT_ALLOWED_BY_SERVER

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[+] Summary of protocol support

[-] 10.0.0.111:3389 supports PROTOCOL_RDP   : TRUE

[-] 10.0.0.111:3389 supports PROTOCOL_HYBRID: FALSE

[-] 10.0.0.111:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.111:3389 has encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_128BIT : TRUE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_56BIT  : TRUE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_FIPS   : TRUE

[+] Summary of security issues

[-] 10.0.0.111:3389 has issue NLA_NOT_SUPPORTED_DOS

[-] 10.0.0.111:3389 has issue FIPS_SUPPORTED_BUT_NOT_MANDATED

[-] 10.0.0.111:3389 has issue ONLY_RDP_SUPPORTED_MITM

[-] 10.0.0.111:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED

rdp-sec-check v0.8-beta completed at Mon Jul  9 13:36:56 2012

Output Example #4: A well configured Windows 2008 RDP Service


$ rdp-sec-check.pl 10.0.0.21

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:32:30 2012

Target:    10.0.0.21

IP:        10.0.0.21

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Not supported - HYBRID_REQUIRED_BY_SERVER

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Not supported - HYBRID_REQUIRED_BY_SERVER

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Supported

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Not supported

[+] Summary of protocol support

[-] 10.0.0.21:3389 supports PROTOCOL_RDP   : FALSE

[-] 10.0.0.21:3389 supports PROTOCOL_HYBRID: TRUE

[-] 10.0.0.21:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_40BIT  : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_128BIT : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_56BIT  : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_FIPS   : FALSE

[+] Summary of security issues

rdp-sec-check v0.8-beta completed at Mon Jul  9 13:32:31 2012

