Overview
This course covers the risks associated with Remote Desktop Protocol (RDP) and how to mitigate them. The learning outcomes include understanding conventional RDP attacks, detecting attacks, and deploying a secure RDP server. The course teaches skills such as identifying RDP risks, using tools to defend against attacks, and implementing security measures. The teaching method includes a presentation on RDP attacks from both attacker and defender perspectives, with step-by-step instructions for secure server deployment. The intended audience includes cybersecurity professionals, IT administrators, and individuals interested in RDP security.
Syllabus
Introduction
About RDP
RDP Layers
RDP Security
Risk of RDP
Risks of RDP
Protocol Downgrade
Graphical Login
Why Microsoft did Graphical Login
Security advantages
Attack surface reduction
Authentication
Downgrade
Prevention
Group Policies
How to Attack
How to Mitigate
The Third Attack
The Villain
Responder
Report to Microsoft
What does this mean
What can we do
The future
Red team takeaways
Blue team takeaways
Devolution
Thank you
Taught by
NorthSec