xrdp localhost only to enable access only through ssh tunnel

0

I am having several brute force attacks in my server through SSH and XRDP, so im using sshguard to avoid them through ssh, but i can't find a way to protect the RDP access. I found that the best way to so it is just enabling rdp access through ssh tunnel and then sshguard could protect both. Also having just 1 open port to internet make me more safe.

The problem is i don't know how to configure my server to make XRDP only accessible in local through ssh tunnel.

Could you please help me about this?.

ioannis

Posted 2016-12-02T12:25:44.407

Reputation: 43

Answers

0

Presumably you've got your server locked down behind or with a firewall. If so, just close the XRDP ports (3389, IIRC) with iptables or similar. The the only access will be allowed from the localhost, which you are presumably already doing with your ssh tunnel (e.g. ssh -L 4489:localhost:3389 server).

Also, while not strictly more secure, you can make your ssh server less visible by running it on (or forward externally from) a different port. I find I end up with many fewer drive-by hacking attempts, and those that do come in, I pay more attention to because clearly they are more energized to have bothered to find my alternative port and then try to get in via the right protocol.

crimson-egret

Posted 2016-12-02T12:25:44.407

Reputation: 1 900

Asked: 2016-12-02T12:25:44.407

Viewed: 529 times

Active: 2016-12-02T14:49:41.687