Understanding Secure Shell (SSH) vs Virtual Private Network (VPN)

Questions and Answers

What technology is primarily used for remote desktop connections in Windows devices?

Microsoft Remote Desktop Protocol (RDP) (correct)

Remote Frame Buffer protocol

Open Source Projects

Virtual Network Computing

Which technology uses the Remote Frame Buffer protocol for communicating with remote desktops?

Linux Operating System

Open Source Projects

Virtual Network Computing (VNC) (correct)

Microsoft Remote Desktop Protocol (RDP)

Which operating system does not have native support for Microsoft Remote Desktop Protocol (RDP)?

Android

Windows

Mac OS (correct)

Linux

What is a possible consequence of poorly implemented Microsoft RDP implementations according to the text?

Unauthorized access to systems

If you are using Mac OS and need to connect to a Windows device remotely, what technology could you use?

Virtual Network Computing (VNC)

What is another term used for Virtual Network Computing in the context of remote desktop connections?

Remote Control

What is the newer version of Microsoft Remote Assistance called?

QuickAssist

How does QuickAssist compare to Microsoft Remote Assistance in terms of service for the end user?

QuickAssist provides the same services

What is one benefit of using MSRA or QuickAssist in terms of background processes?

No background processes running

What precaution should be taken when sending remote access invitations according to the text?

Use a six-digit code over the phone

Apart from GoToMyPC and TeamViewer, what other type of applications are mentioned for remote control functionality?

Zoom and Webex

What is one purpose mentioned for cloud-based file transfer tools like Dropbox and Google Drive?

To share files among organization members

What common port does an attacker look for to determine if a system is listening for an RDP connection?

Port 3389

Why is it common for attackers to attempt different passwords when trying to connect to a device through RDP?

To find a password that works

What security concern applies to VNC and third party remote desktop systems based on the text?

Single-factor authentication

What can an attacker do if they gain access to a system using remote desktop, according to the text?

Access personal information

What does a VPN concentrator handle in the VPN technology discussed in the text?

Data encryption and decryption

How can a VPN concentrator be integrated into a network according to the text?

By integrating into a firewall

What is one key difference between Secure Shell (SSH) and a Virtual Private Network (VPN)?

SSH encrypts data during transmission, making it unintelligible if intercepted, while VPN provides no encryption.

What is a common method to provide additional authentication with an SSH session?

Defining a public and private key pair.

What is a primary purpose of Remote Monitoring and Management (RMM)?

To patch remote operating systems and monitor network activity.

How does Microsoft Remote Assistance (MSRA) differ from some remote desktop services?

MSRA allows for remote access on demand without the need for prior setup.

Why is it important for organizations running Remote Monitoring and Management (RMM) to have proper security controls in place?

To prevent attackers from gaining unauthorized access to customer networks.

What must be defined in an SSH server configuration to restrict logins?

Trusted IP addresses only.

What is the purpose of providing additional criteria when configuring SSH access?

To restrict access based on specific conditions.

What could happen if an attacker gains access to a Remote Monitoring and Management (RMM) system?

Attackers could find a way into customer networks.

What makes Microsoft Remote Assistance (MSRA) different from traditional remote desktop services?

MSRA provides connections without prior setup requirements.

In Secure Shell (SSH) configurations, what is the purpose of defining public and private key pairs?

To ensure secure authentication and access to SSH sessions.

Study Notes

• Remote desktop connections allow users to access and control another computer's desktop over a network.
• Different types of remote desktop connections exist depending on the operating system, such as Microsoft's Remote Desktop Protocol (RDP) for Windows and Virtual Network Computing (VNC) for Mac OS and Linux.
• RDP is primarily used for Windows devices but has clients for other operating systems.
• VNC uses Remote Frame Buffer (RFB) protocol and has clients available for various operating systems.
• Remote desktop technologies are commonly used in support roles and have been exploited by scammers to gain unauthorized access to systems.
• A secure way to access a network from a remote location is through a Virtual Private Network (VPN), which encrypts data between the user's device and the VPN concentrator.
• VPNs are commonly used with a central concentrator that handles encryption and decryption of data and can be built using Linux and specialized cryptographic hardware.
• VPNs can be configured for on-demand or always-on access and provide strong encryption to secure data from attackers.
• SSH is a secure protocol used to remotely access servers via command line, with encryption to protect data transmitted across the network.
• SSH can be secured further with public and private key pairs and configuring firewalls to only allow access from trusted IP addresses.
• Managed service providers (MSPs) offer remote monitoring and management (RMM) services, which allow them to access and manage devices on a customer's network, making it a valuable target for attackers.
• Microsoft provides Remote Assistance (MSRA) and QuickAssist, which allow users to request assistance from others on demand and have no constantly running service, making them more secure.

Description

Learn about the differences between Secure Shell (SSH) and Virtual Private Network (VPN), including how SSH encrypts data being sent across a network to protect it from unauthorized access. Explore the limitations attackers face when trying to intercept encrypted data through SSH or VPN.