๐ Secure Bits ๐ก
๐๐ผ ๐๐ผ๐ ๐๐๐ฒ ๐ฅ๐๐ฃ?
Thereโs a ๐๐๐ฟ๐ฝ๐ฟ๐ถ๐๐ถ๐ป๐ด ๐ฟ๐ถ๐๐ธ you might not be thinking about โ and itโs already on your machine.
When you use Remote Desktop (๐ฅ๐๐ฃ) via the ๐ ๐ฆ๐ง๐ฆ๐ client, any credentials you enter can be retrieved in plaintext in the process ๐บ๐ฒ๐บ๐ผ๐ฟ๐. That means your domain admin password could be sitting there, waiting to be pulled โ no keylogger needed.
๐ You canโt just flip a setting to ๐ฑ๐ถ๐๐ฎ๐ฏ๐น๐ฒ this.
But there are some ๐๐ฎ๐๐ ๐๐ผ ๐ฟ๐ฒ๐ฑ๐๐ฐ๐ฒ ๐๐ต๐ฒ ๐ฟ๐ถ๐๐ธ:
1๏ธโฃ ๐จ๐๐ฒ ๐ฎ ๐ฃ๐ฟ๐ถ๐๐ถ๐น๐ฒ๐ด๐ฒ๐ฑ ๐๐ฐ๐ฐ๐ฒ๐๐ ๐ช๐ผ๐ฟ๐ธ๐๐๐ฎ๐๐ถ๐ผ๐ป (๐ฃ๐๐ช) โ ideally a physical machine, even if you run a VM PAW on top of it.
2๏ธโฃ ๐๐๐ผ๐ถ๐ฑ ๐ฅ๐๐ฃ โ not always practical in Windows environments.
3๏ธโฃ ๐จ๐๐ฒ ๐ ๐๐ โ if thereโs no password typed, thereโs no password to grab from memory.
๐ Thatโs one reason I started ๐ฐ๐ผ๐น๐น๐ฎ๐ฏ๐ผ๐ฟ๐ฎ๐๐ถ๐ป๐ด ๐๐ถ๐๐ต Systola. I tested their platform, ๐ฆ๐๐๐๐ผ๐๐ข๐๐, which brings ๐ป๐ฎ๐๐ถ๐๐ฒ ๐ฝ๐ฎ๐๐๐๐ผ๐ฟ๐ฑ๐น๐ฒ๐๐ ๐บ๐๐น๐๐ถ-๐ณ๐ฎ๐ฐ๐๐ผ๐ฟ ๐ฎ๐๐๐ต๐ฒ๐ป๐๐ถ๐ฐ๐ฎ๐๐ถ๐ผ๐ป to the Windows ecosystem โ including RDP, Windows login, SAML, Radius, and more.
Itโs simple, works as expected, and the pricing is very reasonable.
๐งช ๐ช๐ฎ๐ป๐ ๐๐ผ ๐๐ฟ๐ ๐ถ๐?
Link in comments. Hereโs how it works:
1. Open the page โ youโll see the license options (one is free).
2. Click Request demo.
3. Systola will create your eval account and send access so you can install and test.
If you give it a spin, ๐๐ฒ๐น๐น ๐บ๐ฒ ๐ต๐ผ๐ ๐ถ๐ ๐ด๐ผ๐ฒ๐ โ I can help and may be able to arrange a discount for paid tiers.
Do you use MFA for RDP sessions?
