VMware Cloud Community
jvm2016
Hot Shot
Hot Shot
Jump to solution

Use of powershell

Hi Luc,

Not a powercli question but

If yu suggest on below

Microsoft: 1 million machines still vulnerable to Windows security exploit - The Verge

Does use of powershell remoting over RDP

Can make windows machine less vulnerable for such attacks.

Reply
0 Kudos
1 Solution

Accepted Solutions
LucD
Leadership
Leadership
Jump to solution

Yes, I think you can assume allowing RDP constitutes the same kind of risk as PS Remoting.
In both cases, as an organisation, you need to understand what you are doing.
And more importantly, take sufficient security measures to minimise the risk.
Security, in my opinion, requires a layered approach, protect your boundaries (FW, proxy, DMZ...) and protect what is allowed inside.

Just like for example with JEA, only allow what is necessary, don't open things in general, without knowing why you open them and what the purpose of opening them is,

When in doubt talk/converse with your Security Officer.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

View solution in original post

Reply
0 Kudos
4 Replies
LucD
Leadership
Leadership
Jump to solution

While it should be obvious that you should have the habit of patching your exposed systems asap, there are a number of security measures you can take when setting up PS Remoting.
First, PS Remoting is not enabled by default, it's a choice you make in your organisation to enable it.

One of the most obvious measures to take would be to start using certificates.

See PowerShell Remoting Security Considerations for other measures you can take.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
jvm2016
Hot Shot
Hot Shot
Jump to solution

Thnaks Luc .Iam checking this however in brief .

can we say that powershell remoting if enabled as company's choice would reduce risk associated with RDP without out loosing any functionality.??

or comparion of above does not make sense we can use both .??

Reply
0 Kudos
LucD
Leadership
Leadership
Jump to solution

Yes, I think you can assume allowing RDP constitutes the same kind of risk as PS Remoting.
In both cases, as an organisation, you need to understand what you are doing.
And more importantly, take sufficient security measures to minimise the risk.
Security, in my opinion, requires a layered approach, protect your boundaries (FW, proxy, DMZ...) and protect what is allowed inside.

Just like for example with JEA, only allow what is necessary, don't open things in general, without knowing why you open them and what the purpose of opening them is,

When in doubt talk/converse with your Security Officer.


Blog: lucd.info  Twitter: @LucD22  Co-author PowerCLI Reference

Reply
0 Kudos
jvm2016
Hot Shot
Hot Shot
Jump to solution

thanks Luc.

Reply
0 Kudos