Software size: 5.00 MB Downloads: 101
Updated: 2012-11-17 19:59:00


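rdp-sec-check is a tool for checking whether certain security features of a remote RDP service (AKA Terminal Services) are enabled. It requires no authentication, only network connectivity to TCP port 3389.

It can determine many (but not all) of the security settings from the RDP-Tcp properties | General tab:

    * Check which security layers the service supports: Standard RDP Security, TLSv1.0, CredSSP

    * Detect the encryption levels the service supports for RDP Security: 40-bit, 56-bit, 128-bit, FIPS

The following potential security issues are flagged if present:

    * The service supports Standard RDP Security, which is vulnerable to man-in-the-middle attacks.

    * The service supports weak encryption (40-bit or 56-bit).

    * The service does not mandate Network Level Authentication (NLA). NLA can help prevent certain types of denial-of-service attack.

    * The service supports FIPS encryption but does not mandate it.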


Dependencies

    rdp-sec-check is a simple Perl script that requires one module from CPAN. Run 'cpan' as root, then install the Encoding::BER module:


    # cpan

     cpan[1]> install Encoding::BER

Output Example #1: An old Windows 2000 RDP Service


$ rdp-sec-check.pl 10.0.0.94

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:34:38 2012

Target:    10.0.0.94

IP:        10.0.0.94

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Negotiation ignored - old Windows 2000/XP/2003 system??

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Not supported

[+] Summary of protocol support

[-] 10.0.0.94:3389 supports PROTOCOL_RDP   : TRUE

[-] 10.0.0.94:3389 supports PROTOCOL_HYBRID: FALSE

[-] 10.0.0.94:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.94:3389 has encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_128BIT : FALSE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_56BIT  : TRUE

[-] 10.0.0.94:3389 supports ENCRYPTION_METHOD_FIPS   : FALSE

[+] Summary of security issues

[-] 10.0.0.94:3389 has issue NLA_NOT_SUPPORTED_DOS

[-] 10.0.0.94:3389 has issue ONLY_RDP_SUPPORTED_MITM

[-] 10.0.0.94:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED

rdp-sec-check v0.8-beta completed at Mon Jul  9 13:34:39 2012

Output Example #2: A Windows 2003 SP0 RDP Service


$ rdp-sec-check.pl 10.0.0.93

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:35:34 2012

Target:    10.0.0.93

IP:        10.0.0.93

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Negotiation ignored - old Windows 2000/XP/2003 system?

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Negotiation ignored - old Windows 2000/XP/2003 system??

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[+] Summary of protocol support

[-] 10.0.0.93:3389 supports PROTOCOL_RDP   : TRUE

[-] 10.0.0.93:3389 supports PROTOCOL_HYBRID: FALSE

[-] 10.0.0.93:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.93:3389 has encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_128BIT : TRUE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_56BIT  : TRUE

[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_FIPS   : TRUE

[+] Summary of security issues

[-] 10.0.0.93:3389 has issue NLA_NOT_SUPPORTED_DOS

[-] 10.0.0.93:3389 has issue FIPS_SUPPORTED_BUT_NOT_MANDATED

[-] 10.0.0.93:3389 has issue ONLY_RDP_SUPPORTED_MITM

[-] 10.0.0.93:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED

Output Example #3: A typical Windows 2003 RDP Service

$ rdp-sec-check.pl 10.0.0.111

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:36:56 2012

Target:    10.0.0.111

IP:        10.0.0.111

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Supported

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Not supported - SSL_NOT_ALLOWED_BY_SERVER

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Not supported - SSL_NOT_ALLOWED_BY_SERVER

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Supported.  Server encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[+] Summary of protocol support

[-] 10.0.0.111:3389 supports PROTOCOL_RDP   : TRUE

[-] 10.0.0.111:3389 supports PROTOCOL_HYBRID: FALSE

[-] 10.0.0.111:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.111:3389 has encryption level: ENCRYPTION_LEVEL_CLIENT_COMPATIBLE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_128BIT : TRUE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_56BIT  : TRUE

[-] 10.0.0.111:3389 supports ENCRYPTION_METHOD_FIPS   : TRUE

[+] Summary of security issues

[-] 10.0.0.111:3389 has issue NLA_NOT_SUPPORTED_DOS

[-] 10.0.0.111:3389 has issue FIPS_SUPPORTED_BUT_NOT_MANDATED

[-] 10.0.0.111:3389 has issue ONLY_RDP_SUPPORTED_MITM

[-] 10.0.0.111:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED

rdp-sec-check v0.8-beta completed at Mon Jul  9 13:36:56 2012

Output Example #4: A well configured Windows 2008 RDP Service


$ rdp-sec-check.pl 10.0.0.21

Starting rdp-sec-check v0.8-beta ( http://labs.portcullis.co.uk/application/rdp-sec-check/ ) at Mon Jul  9 13:32:30 2012

Target:    10.0.0.21

IP:        10.0.0.21

Port:      3389

[+] Checking supported protocols

[-] Checking if RDP Security (PROTOCOL_RDP) is supported...Not supported - HYBRID_REQUIRED_BY_SERVER

[-] Checking if TLS Security (PROTOCOL_SSL) is supported...Not supported - HYBRID_REQUIRED_BY_SERVER

[-] Checking if CredSSP Security (PROTOCOL_HYBRID) is supported [uses NLA]...Supported

[+] Checking RDP Security Layer

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_NONE...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_40BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_128BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_56BIT...Not supported

[-] Checking RDP Security Layer with encryption ENCRYPTION_METHOD_FIPS...Not supported

[+] Summary of protocol support

[-] 10.0.0.21:3389 supports PROTOCOL_RDP   : FALSE

[-] 10.0.0.21:3389 supports PROTOCOL_HYBRID: TRUE

[-] 10.0.0.21:3389 supports PROTOCOL_SSL   : FALSE

[+] Summary of RDP encryption support

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_NONE   : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_40BIT  : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_128BIT : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_56BIT  : FALSE

[-] 10.0.0.21:3389 supports ENCRYPTION_METHOD_FIPS   : FALSE

[+] Summary of security issues

rdp-sec-check v0.8-beta completed at Mon Jul  9 13:32:31 2012
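
For triage across many hosts, the summary lines in the outputs above can be parsed and cross-checked. The Python below is an added example, not part of rdp-sec-check or the original page; the function names are hypothetical, and the rules in expected_issues are inferred from the four sample outputs and the issue list above, not taken from the tool's source.

```python
import re
from collections import defaultdict

# Constructed sample: summary lines abridged from output examples #2 and #4.
SAMPLE = """\
[-] 10.0.0.93:3389 supports PROTOCOL_RDP   : TRUE
[-] 10.0.0.93:3389 supports PROTOCOL_HYBRID: FALSE
[-] 10.0.0.93:3389 supports PROTOCOL_SSL   : FALSE
[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_40BIT  : TRUE
[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_128BIT : TRUE
[-] 10.0.0.93:3389 supports ENCRYPTION_METHOD_FIPS   : TRUE
[-] 10.0.0.93:3389 has issue NLA_NOT_SUPPORTED_DOS
[-] 10.0.0.93:3389 has issue FIPS_SUPPORTED_BUT_NOT_MANDATED
[-] 10.0.0.93:3389 has issue ONLY_RDP_SUPPORTED_MITM
[-] 10.0.0.93:3389 has issue WEAK_RDP_ENCRYPTION_SUPPORTED
[-] 10.0.0.21:3389 supports PROTOCOL_RDP   : FALSE
[-] 10.0.0.21:3389 supports PROTOCOL_HYBRID: TRUE
"""

SUPPORTS = re.compile(r"^\[-\] (\S+:\d+) supports (\w+)\s*: (TRUE|FALSE)\s*$")
ISSUE = re.compile(r"^\[-\] (\S+:\d+) has issue (\w+)\s*$")

def parse(text):
    """Return {endpoint: {"flags": {name: bool}, "issues": set()}}."""
    hosts = defaultdict(lambda: {"flags": {}, "issues": set()})
    for line in text.splitlines():
        if m := SUPPORTS.match(line):
            hosts[m[1]]["flags"][m[2]] = m[3] == "TRUE"
        elif m := ISSUE.match(line):
            hosts[m[1]]["issues"].add(m[2])
    return dict(hosts)

def expected_issues(flags):
    """Issue names implied by the flags; rules inferred from the samples."""
    f = lambda k: flags.get(k, False)
    enc = lambda *ks: any(f("ENCRYPTION_METHOD_" + k) for k in ks)
    rules = {
        "NLA_NOT_SUPPORTED_DOS": not f("PROTOCOL_HYBRID"),
        "ONLY_RDP_SUPPORTED_MITM": f("PROTOCOL_RDP")
            and not (f("PROTOCOL_SSL") or f("PROTOCOL_HYBRID")),
        "WEAK_RDP_ENCRYPTION_SUPPORTED": enc("40BIT", "56BIT"),
        "FIPS_SUPPORTED_BUT_NOT_MANDATED": enc("FIPS")
            and enc("40BIT", "56BIT", "128BIT"),
    }
    return {name for name, hit in rules.items() if hit}

def mismatches(text):
    """Endpoints whose reported issues differ from what the flags imply."""
    return sorted(ep for ep, h in parse(text).items()
                  if h["issues"] != expected_issues(h["flags"]))
```

A non-empty result from mismatches() points at truncated or edited scan output, or at a tool version whose rules differ from the ones assumed here.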


