• SL3wvmnas@discuss.tchncs.de
    6 months ago

    “We originally looked at a code change for this issue, but after further review of design documentation, changes to code could break compatibility with functionality used by many applications.”

    Year of the Linux (Server|Desktop). Seriously. If you are in IT pls look into this (and hide your RDP server behind some VPN. No, not MS RDP Gateway.)

    • the_crotch@sh.itjust.works
      6 months ago

      > hide your RDP server behind some VPN

      Anyone who isn’t doing this already is dumb. Same goes for exposing SSH publicly. I don’t care that you’re using a cert to log in; if there’s a 0 day in the OpenSSH server, you’re boned.

      • Max@lemmy.world
        6 months ago

        If there’s a 0 day in the VPN software then I’m also probably boned. The chances of that seem on par with the likelihood of an OpenSSH vulnerability? I feel like VPNs are useful to secure services without good authentication, but their use in front of an OpenSSH server has never made much sense to me.

        • the_crotch@sh.itjust.works
          6 months ago

          They would have to breach the VPN and then also breach the other services once they’re on your network. It’s another layer of protection.