- Hlola izinqubomgomo (GPO), amasevisi, nesilaleli se-RDP ngaphambi kokuthinta i-firewall ukuze uhlukanise umthombo wokuvinjwa.
- Hlola i-port 3389, imithetho esebenzayo nezitifiketi; ukungqubuzana noma isitifiketi esiphukile kuvimbela umlaleli ekulaleleni.
- Amaphutha okuqinisekisa (CredSSP, NLA, izimvume) avamile njengamaphutha enethiwekhi; iqondanise nezibuyekezo namaqembu.
- Uma ungakwazi ukuvula izimbobo, sebenzisa isango le-RDP eline-MFA noma umthengisi ovikelekile ogwema ukudalula imbobo engu-3389.
Uma uxhumano lwakho lwedeskithophu yesilawuli kude ngokuzumayo luyeka ukusebenza, ungase ucabange ukuthi i-firewall noma umshini uvaliwe. Kodwa nge-RDP, umlandu wangempela uvame... izinqubomgomo zenethiwekhi, ama-GPO, noma amasevisi avimba imbobo 3389 Ngaphandle kwesixwayiso. Izindaba ezinhle: ngokulandelana okuhleliwe kokuhlola, ungahlukanisa iphutha ngemizuzu.
Kulo mhlahlandlela uzothola izinqubo ezisebenzayo neziqinisekisiwe zokuxilonga nokulungisa izinqubomgomo, imithetho, nokucushwa okuvimbela i-RDP ukungena Windows, kokubili ezintweni zasendaweni nezikude, kunethiwekhi yebhizinisi, i-VPN futhi ngisho emafwini like -Google Ifu. Uzobona nokuthi ungabhekana kanjani namaphutha okuqinisekisa (i-CredSSP), izitifiketi, ukungqubuzana kwembobo, i-DNS nokusebenza, kanye nezinye izindlela lapho udinga okuthile okusebenzayo ngaphandle kokuvula izimbobo.
Ungathola kanjani ukuthi inqubomgomo noma inethiwekhi ivimba i-RDP
Ngaphambi kokuthi uthinte isibhalisi noma i-firewall, kuwumqondo omuhle ukuqinisekisa ukuthi inkinga ikuyo ukufinyelela kwenethiwekhi, ukuhlunga, noma ukugcwaliswa kwesikhalaIsinqamuleli esiwusizo esivela kwenye ikhompyutha ukuhlola ukufinyelela kwembobo usebenzisa izinsiza ezifana ne-psping: psping -accepteula <IP-equipo>:3389. Uma ubona Ixhumeka ku... ngemizamo engaphumeleli, noma a Ikhompuyutha yesilawuli kude inqabile ukuxhumeka kwenethiwekhi, ikhombisa ukuvinjwa okumaphakathi noma ukuphela kwesevisi.
Hlola emithonjeni eminingi (enye i-subnet, enye i-VPN, inethiwekhi yasekhaya, noma i-4G) ukuze ubone ukuthi ukuvinjwa ukukhetha ngokwengxenye noma ngemvelaphiUma ihluleka kuzo zonke izinhlangothi, kungenzeka ukuthi ivinjwe i-firewall noma iWindows ngokwayo. Uma ihluleka ohlangothini olulodwa kuphela, hlola uhlu lwabavunyelwe. Ama-ACL kanye nemithetho ye-firewall okuphakathi.
Ngokushesha hlola isimo se-RDP nezinkonzo zayo
Qala ngokuqinisekisa ukuthi isistimu yesilawuli kude ivumela uxhumo lwe-Remote Desktop kanye nokuthi amasevisi ayasebenza; lokhu kukhipha izinto eziyisisekelo nge ababili noma abathathu imiyalo.
Emshinini wendawo, ukunika amandla i-RDP kulula njengokuvula Izilungiselelo nokuyivula. Ideskithophu ekude (bheka usebenzisa Windows 11 Ideskithophu EkudeUkuze uthole ukulawula okungcono (noma uma i-UI ingaphenduli), hlola ilogu kokuthi: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Terminal Server y HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\Terminal Services. Inani fDenyTSConnections kumele kube 0 (inani 1 lisho ukuthi i-RDP ikhubazekile).
Ukude, xhuma kusibhalisi senethiwekhi kusuka ku-Registry Editor (Ifayela> Xhuma ku-Network Registry), zulazula ezindleleni ezifanayo, futhi uqinisekise ukuthi ayikho inqubomgomo ephoqelela ukuvinjwa; uma kuvela fDenyTSConnections=1, iguqule ibe ngu-0 futhi uqaphele ukuthi Ibuyela ku-1 ngemva kwemizuzu embalwa. (uphawu lwe-GPO evame kakhulu).
Futhi hlola ukuthi izinsizakalo ezidingekayo ziyasebenza kuzo zombili iziphetho: Amasevisi edeskithophu yesilawuli kude (TermService) y Izinsiza Zedeskithophu Ekude Isiqondisi Sembobo Yemodi Yomsebenzisi (UmRdpService)Ungakwenza ku-service.msc noma nge I-PowerShellUma udinga imihlahlandlela yezinsiza zokuhlela, thintana Shintsha izinsiza ku-Windows 11Uma umuntu evalelwe, Iqale bese uzama futhi.
I-Group Policy Object (GPO): Ungavinjwa kanjani nokuthi uvule kanjani
Uma i-RDP ingakwazi ukwenziwa isebenze ngesixhumi esibonakalayo, noma inani lokubhalisa libuyiselwa emuva, cishe ngokuqinisekile liphoqelelwa inqubomgomo. Ukuze uhlonze le nqubomgomo emshinini othintekile, sebenzisa umyalo olandelayo kokuthi a I-CMD phezulu gpresult /H c:\gpresult.html futhi ivula umbiko; ngaphansi Ukucushwa Kwekhompyutha > Izifanekiso Zokuphatha > Izingxenye Ze-Windows > Izinsizakalo Zedeskithophu Ekude > Umsingathi Weseshini Yedeskithophu Ekude > Ukuxhumana isiqondiso sibheka Vumela abasebenzisi ukuthi baxhume ukude besebenzisa Amasevisi Edeskithophu Ekude.
Uma ubona ngathi KukhutshaziweBheka umbiko ukuze uthole ukuthi yini I-GPO iyanqoba nokuthi lisebenza kumuphi umkhakha (isayithi, isizinda, noma i-OU). Buyekeza futhi ukuthi kanjani Ukujoyina isizinda ku-Windows Uma usola izinkinga zesizinda, kusukela ku-Group Policy Object Editor (GPE) ezingeni elifanele, shintsha lowo mgomo ube Inikwe amandla noma Ayilungiswangafuthi emaqenjini abathintekayo, iphoqa isicelo nge gpupdate /force.
Uma uphatha nge-GPMC, ungaphinda ususe isixhumanisi kuleyo GPO ku iyunithi yenhlangano lapho kusebenza khona ezintweni ezithintekayo. Khumbula ukuthi uma i-block ivela SOFTWARE\IzinqubomgomoI-GPO izophinda ibhale okubhaliselwe kuze kube yilapho ususa noma uhlela inqubomgomo.
Ngomshini wesilawuli kude, yenza umbiko ofanayo nowasendaweni, wengeze ipharamitha yekhompyutha: gpresult /S <nombre-equipo> /H c:\gpresult-<nombre-equipo>.htmlokuzokunikeza ukwakheka kwedatha okufanayo ukuze uphenye nge-GPO eyimbangela.
Umlaleli, ichweba kanye nezingxabano ku-3389
Ngisho nomyalelo ulungile, uma umlaleli we-RDP engalaleli, ngeke ibe khona iseshini. Ku-PowerShell ephakeme (yasendaweni noma ukude nge Enter-PSSession -ComputerName <equipo>), yenze qwinsta futhi uqinisekise ukuthi okufakiwe kukhona rdp-tcp nombuso LalelaUma ingaveli, umlaleli angase alimale.
Indlela ethembekile ibandakanya ukuthumela ukhiye womlaleli emshinini onempilo onenguqulo efanayo ye-Windows: HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TcpKukhompyutha ethintekile, gcina ikhophi yesimo samanje nge reg export "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-tcp" C:\Rdp-tcp-backup.reg, ikhipha ukhiye (Remove-Item -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-tcp' -Recurse -Force), ifayela elihle le-.reg libalulekile futhi iqala kabusha i-TermService.
Ngemva kwalokho, hlola port. I-RDP kufanele ilalele 3389. Hlola HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\<listener> nenani PortNumberUma kungeyona i-3389 futhi ungenaso isizathu sokuphepha sokuyishintsha, buyela ku-3389 bese uqala kabusha isevisi.
Ukuze uthole ukungqubuzana, gijima cmd /c 'netstat -ano | find "3389"' futhi uqaphele i-PID esesimweni UkulalelaBese, nge cmd /c 'tasklist /svc | find "<PID>"' Khomba inqubo. Uma kungenjalo TermServiceLungiselela kabusha leyo sevisi kwenye imbobo, yikhiphe uma kungenasidingo, noma njengendlela yokugcina, shintsha ichweba le-RDP futhi uxhume ngokucacisa i-IP: port (ayilungele ukuphathwa okujwayelekile).
Izitifiketi ze-RDP nezimvume ze-MachineKeys
Enye imbangela evamile yokuxhumana okungaphelele a isitifiketi se-RDP esiphukile noma esingakakhiwa kabushaVula isitifiketi se-MMC se-akhawunti yeqembu, yiya ku Ideskithophu Ekude > Izitifiketi bese ukhipha isitifiketi se-RDP esizisayinele. Qala kabusha isevisi ye-Remote Desktop futhi uvuselele: entsha kufanele idalwe ngokuzenzakalelayo.
Uma ingaveli, hlola izimvume ze C:\ProgramData\Microsoft\Crypto\RSA\MachineKeys. Qiniseka ukuthi BUILTIN\Administrators ube nokulawula okuphelele futhi Wonke umuntu thembela Ukufunda nokubhalaNgaphandle kwalawa ma-ACL, iWindows ayikwazi ukukhiqiza ukhiye nesitifiketi esidingekayo ku-RDP.
I-Windows Firewall nokuhlola ububanzi
Kumaklayenti namasistimu eseva, Windows Defender I-firewall idinga imithetho evulekile engenayo ye-RDP. Hlola umthetho owakhelwe ngaphakathi "Ideskithophu Ekude – Imodi Yomsebenzisi (TCP-In)"Nge netsh advfirewall firewall show rule name="Remote Desktop - User Mode (TCP-In)"; kufanele Ivunyelwe, isetshenziswe kumaphrofayela afanelekile, i-TCP Protocol kanye ne-Local Port 3389.
Uma uphatha ngesixhumi esibonakalayo, iya ku-Windows Defender Firewall > Vumela uhlelo lokusebenza noma isici bese ukhetha "Ideskithophu Ekude". I-Privado (futhi esidlangalaleni kuphela uma unesizathu esicacile). Kokuthi "Izilungiselelo Ezithuthukisiwe", qinisekisa ukuthi umthetho ongenayo we-TCP 3389 uyasebenza. Njengesinyathelo sokuxazulula inkinga (hhayi kumanethiwekhi omphakathi), ungakwazi ukukhubaza okwesikhashana i-firewall ukuze uhlole ukuthi uxhumano luyadlula yini bese uluvula kabusha ngokushesha.
Ukusuka ngaphandle, indlela ecace kakhulu yokuqinisekisa ukufika echwebeni i-psping: psping -accepteula <IP>:3389Uma uthola Ukulahleka okungu-0%Isitaki senethiwekhi kanye ne-firewall kuvumela ukuxhumana. Uma konke kunjalo Ukulahleka okungu-100% o wenqabileIsikhathi sokunyukela kunethiwekhi/udonga lokuvikela noma ubuyekeze i-NAT, i-VPN kanye izihlungi phakathi kwamasegimenti.
Ukuqinisekisa: iziqinisekiso, i-CredSSP nezimvume
Thayipha amaphuthaUkuqinisekisa kwakho akusebenzanga"Noma"I-akhawunti ayigunyaziwe ukungena ngemvume ukude"Ngokuvamile akulula ukuzilungisa: hlola igama lomsebenzisi/igama lokungena lifomethwe kahle (isibonelo, DOMINIO\usuario), isusa noma yiziphi izifakazelo eziphelelwe yisikhathi ku- Umphathi wokuqinisekisa futhi uqinisekise ukuthi i-akhawunti ayivinjiwe.
Nge-CredSSP, uma okokusebenza kungakabi yisikhathi, ukwehluleka ukufakazela ubuqiniso okunzima ukukuchaza kuzokwenzeka. Qiniseka ukuthi unayo IWindows ibuyekeziwe kukho kokubili iklayenti nomsingathi. Njengesinqamuleli ezindaweni ezindala, ungakwazi ukunika amandla ku-GPO “Vumela ukuthunyelwa kwemininingwane egciniwe enokuqinisekiswa kweseva ye-NTLM kuphela” noma, ngokubhalisa, setha. AllowEncryptionOracle a 2 en HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System.
Ungakhohlwa ubulungu beqembu: emaqenjini angewona awesizinda, engeza i-akhawunti kuwo Abasebenzisi bedeskithophu yesilawuli kude Kusuka ku-Computer Management > Abasebenzisi Bendawo Namaqembu. Esizindeni, qinisekisa ukuthi ubulungu buthobela umthetho Inqubomgomo Yemibhalo Yemibhalo Esebenzayo empeleni ngaphambi kokuthinta noma yini.
I-DNS, i-VPN, nezinye iziguquko zenethiwekhi
Uma uxhuma ngegama futhi ikheli lasesizindeni se-inthanethi losokhaya lishintshile, iklayenti kungenzeka lisakhomba ikheli elidala ngenxa yenqolobane. Hlanza nge ipconfig /flushdns futhi, uma iphikelela, sebenzisa i I-IP eqondile Ukuze ukhiphe inkinga yokuxazulula, hlola ukuthi i-adaptha isebenzisa i- iseva elungile ye-DNS kokuthi Iphaneli Yokulawula > Isikhungo Senethiwekhi > Shintsha izilungiselelo ze-adaptha.
Ngama-VPN, abanye abahlinzeki bavimba noma baqondise kabusha imbobo engu-3389, noma bayihlanganise ngendlela engqubuzana nokubethela kwe-RDP. Nqamula i-VPN futhi uhlole, noma ulungise inqubomgomo ukuze uvumele i-RDP. ukuhlukanisa ukuhlukana noma “vumela izinhlelo zokusebenza”. Uma uthola ukuphazamiseka noma izikrini ezimnyama, yehlisa i-MTU ngephuzu elilodwa: netsh interface ipv4 show subinterfaces ukukubona futhi netsh interface ipv4 set subinterface "Ethernet" mtu=1458 store=persistent ukuyilungisa.
Uma iklayenti libonakala lingaphenduli kodwa iseshini isekhona, kungase kube inkinga ukulungiswa noma usayizi wewindiKuklayenti Lokuxhunywa Kwedeskithophu Ekude (mstsc), chofoza okuthi "Bonisa Izinketho" bese kuthebhu ethi Bonisa hambisa isilayidi sokuxazulula noma uvule isikrini esigcwele; "izixhumanisi ezingasebenzi" eziningi zilungisiwe. ukulungisa iwindi.
Izinkinga ezaziwayo namasevisi wamafu: Windows 11 24H2 kanye ne-Google Cloud
Amacala abikiwe lapho kuxhunywa nge-RDP kuya Windows 11 24H2 Iseshini iba yiqhwa ekuqaleni, ikakhulukazi phakathi imishini engokoqobo Mayelana ne-hypervisor. Ezinye iziqephu zesikhashana azikayixazululi; gcina isistimu yakho ivuselelwe ngokugcwele futhi uhlole abashayeli bevidiyo/vGPU be-hypervisor, njengoba ngezinye izikhathi inkinga iba ku-hypervisor. Ishadi le-RDP noma isitakiUkuqalisa kabusha umsingathi kubuyisela ukuxhumeka okwesikhashana, kodwa isisombululo sihilela izibuyekezo eziqoqiwe namashayeli/i-firmware.
Ku-Google Compute Engine, ngaphezu kwephasiwedi yasendaweni ye-Windows (yisethe kabusha isuka gcloud noma ikhonsoli), hlola umthetho default-allow-rdpUhlu lwemithetho nge gcloud compute firewall-rules list futhi, uma ingekho, dala eyodwa ngayo gcloud compute firewall-rules create allow-rdp --allow tcp:3389. Qinisekisa ukuthi usebenzisa i- Lungisa ikheli le-IP langaphandle con gcloud compute instances listUma i-OS ingalungiselelwanga kahle, yifinyelele nge interactive serial console futhi wenze:
• Isevisi: net start | find "Remote Desktop Services" (uma ingekho, net start "Remote Desktop Services")
• Nika amandla i-RDP: reg query "HKLM\SYSTEM\CurrentControlSet\Control\Terminal Server" /v fDenyTSConnections (0 kulungile; uma 1: reg add ... /d 0)
• I-Firewall: netsh advfirewall firewall show rule name="Remote Desktop - User Mode (TCP-In)" (kodwa, netsh firewall set service remotedesktop enable)
• Isendlalelo sokuvikeleka: reg add "HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp" /v SecurityLayer /t REG_DWORD /d 1 /f
• I-NLA ezenzakalelayo: reg add ... /v UserAuthentication /t REG_DWORD /d 0 /f
Ukuxilonga okuthuthukile: imicimbi, inethiwekhi namathuluzi
Uma okungenhla kungayilungisi inkinga, sekuyisikhathi sokubheka imicimbi nemikhondoVula Isibuki Somcimbi bese uhlola Amalogi e-Windows > Uhlelo lokusebenza kanye nohlelo, kanye nemithombo I-TerminalServices-RemoteConnectionManager y I-Microsoft-Windows-RemoteDesktopServices-RdpCoreTS ngamaphutha acacile emzamweni ngamunye.
Kunethiwekhi, thwebula nge-Wireshark bese uhlunga tcp.port==3389 Hlola amasiginali we-SYN/SYN-ACK, ukusetha kabusha, noma ukwehla kokuxhumana phakathi. Uma ingekho ithrafikhi, ibhulokhi isendleleni; uma kunethrafikhi futhi yehla ngesikhathi sokuxoxisana ngezokuphepha, sola... ukungafani kokubethela/i-NLANjengokuhlola okusheshayo kokuvuleka kwembobo, telnet <IP> 3389 (Uma ixhuma, ichweba liyafinyeleleka.) Ungasebenzisa futhi ezinye izinsiza ezifana usebenzisa i-ntttcp ku-Windows ukuhlolwa kokusebenza nokugcwalisa.
I-Microsoft inikeza i-RDP Protocol Monitor/Analyzer, futhi ku-Windows Server 2012/2012 R2, Ithuluzi Lokuxilonga Izinsiza Zedeskithophu Ekude Ukukhomba izingqinamba. Uma ungakwazi ukunikeza isikhathi odabeni ngalunye oluvelayo, lungiselela imibhalo: netsh int ip reset && netsh winsock reset yenethiwekhi, futhi taskkill /F /IM mstsc.exe && net stop termservice && net start termservice ukusula izikhathi ze-RDP futhi uqale kabusha izinsiza (isixwayiso: finyeza izikhathi ezisebenzayo).
I-"RDP - Kwenzeke iphutha langaphakathi"
Lo mlayezo ojwayelekile uvame ukufihla a ukungahambi kahle kokuphepha phakathi kweklayenti neseva. Hlola ukuthi izinga lokubethela kanye nesendlalelo sokuvikeleka ziyahambelana yini (ku-GPO: Ukuphepha Komsingathi Wesikhathi > “Dinga ukusetshenziswa kwesendlalelo esithile sokuvikela” bese ukhetha zomxhaso (uma i-TLS yehluleka). Uma iseva idinga i-NLA futhi iklayenti lingakwazi, yekisa ukumaka i-NLA okwesikhashana kokuthi Izakhiwo Zesistimu > Isilawuli kude ukuze uhlole ukuthi ingabe lokhu kuyimbangela.
Ezinye izici: amaklayenti e-RDP aphelelwe yisikhathi ngokumelene namaseva amasha, izindaba zokwethenjwa kwesizinda (Ukuphinda ujoyine isizinda kwesinye isikhathi kuxazulula lokhu), noma amaphrofayela okuvikela aphoqelela ukubethela okungakusekeli kwesinye isiphetho. Kokuzizwisa Kwekhasimende, nika amandla ukuxhuma kabusha okuzenzakalelayo kanye nenqolobane eqhubekayo ye-bitmap ukuze uthole izikhathi eziqine kakhulu.
Lapho iphutha livela ngemuva kokuvuselelwa kweWindows futhi akukho okungenhla okunengqondo, cabanga ukubuyisela leso siqeshana esithile (Iphaneli> I-Windows Update > Umlando > Khipha izibuyekezo), ngemva kokubonisana nezinkundla zobuchwepheshe (isibonelo, imicu ye I-Patch ngoLwesibili) uma kwenzeka kuyinkinga eyaziwayo.
Ukusebenza, umthamo kanye ne-multimedia
Uma isikhalazo kungekona ukuthi "ngeke sixhumeke" kodwa "sishubile," qala ngokunciphisa umthwalo ovela kuklayenti le-RDP: phansi isixazululo nokujula kombalaKhubaza ingemuva, izitayela ezibonakalayo, nokushelela kwefonti kuthebhu Yokuzizwisa. Lezi zinyathelo zehlisa ukusetshenziswa komkhawulokudonsa futhi zithuthukise ukubambezeleka.
Kuseva, hlola i-CPU/RAM/Disk ku- Umphathi WomsebenziUma isemikhawulweni yayo, noma iyiphi iseshini ye-RDP izohluleka. Khumbula ukuthi iWindows Desktop ivumela kuphela iseshini kanyekanyeI-Windows Server inamalayisense amabili okuphatha azenzakalelayo futhi idinga amalayisense e-RDS CAL engeziwe.
Ngomsindo, lungiselela iklayenti le-RDP > Izinsiza Zasendaweni > Umsindo Okude ukuze "udlale kule khompyutha", futhi uqinisekise ukuthi amasevisi IWindows Audio futhi “I-Windows Audio Endpoint Generator” iyasebenza. Kuvidiyo enzima, i-RDP ayihlali ilungile; ezinye izindawo ezindala zikhuluma nge-RemoteFX, kodwa namuhla kungcono ukukhetha I-codec eguquguqukayo kanye nokusheshisa kwesimanje noma uhlole amathuluzi aklanyelwe Ukusakaza imidwebo
Amacala asheshayo nezixazululo ezivezwayo
Uma i-Windows Defender ivimba uxhumano Windows 10/11, iya ku-Windows Defender Firewall> Vumela uhlelo lokusebenza futhi wenze kusebenze “Ideskithophu Ekude” ngokukhetha amabhokisi Ayimfihlo (Nomphakathi kuphela uma kufanele), cindezela ukwamukela kanye nokuhlola. Ezehlakalweni eziningi zomhlaba wangempela, lezi ukuchofoza kathathu Bebengumehluko phakathi kokukhungatheka nempumelelo.
Uma udinga ukushintsha imbobo ngoba enye isevisi isebenzisa i-3389, hlela HKLM\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp > I-PortNumberIsibonelo, faka u-3390, qala kabusha isevisi futhi uxhume njenge IP:3390Khumbula ukulungisa firewall kanye NAT kulelo chweba elisha.
Ezinye izindlela namasango lapho ungakwazi ukuvula izimbobo
Kumanethiwekhi lapho ukuvulwa kwe-3389 kungenakwenzeka (noma ungafuni ukukuveza), cabanga ngezixazululo umlamuli wamafu ezigwema imithetho yezandla kanye nezinkathazo ze-DNS: I-RealVNC Connect inikeza i-SSO kanye nokuphathwa okumaphakathi; Ideskithophu ekude kude ye-Chrome Kumahhala futhi kulula uma usuvele usebenzisa i-Chrome; I-TeamViewer futhi Noma iyiphi i-Desk Babeka phambili ukusetshenziswa kalula kanye nesivinini se-cross-platform. Akhona nama-suites anjengalawa I-TSplus, okuhloswe ngayo ukuqinisa ukuvikeleka nokwenza lula ukufinyelela kude ngesilinganiso.
Uma uzohlala ku-RDP, indlela ephephile ukusetha a Isango Ledeskithophu Ekude (Isango le-RD)Idinga i-NLA ne-MFA, futhi ukhawulele ukufinyelela nge-VPN noma i-IPSec. Lena indlela ejwayelekile yokunikeza ukufinyelela ngaphandle kokuvula imbobo engu-3389 emhlabeni.
Ukuphepha okuhle nezinqubo zokuthobela
Qinisa i-RDP ngokuvula I-NLAKusetshenziswa izimiso zesimanje zokubethela futhi, uma uhlaka lwakho luyidinga (GDPR/HIPAA), olwenza izinqubomgomo eziqinile zokubethela (isb., FIPS) kanye nezitifiketi ezivumelekile ezikhishwe i-CA ethenjwayo. Vimba ukuchayeka esidlangalaleni, khawula amanethiwekhi/ama-VPN ayimfihlo, bese uphoqelela MFA esangweni noma kumdayisi.
Ekugcineni, hlala ubhekile izingodoFaka amapheshana njalo futhi wenze ukuhlola ngezikhathi ezithile. Izinkinga eziningi ze-RDP zingagwenywa ngenhlanganisela yalezi zinyathelo. izinqubomgomo ezinhlesula imithetho yokuvikela nokuqapha.
Umbhali oshisekayo ngomhlaba wamabhayithi nobuchwepheshe ngokujwayelekile. Ngiyathanda ukwabelana ngolwazi lwami ngokubhala, futhi yilokho engizokwenza kule bhulogi, ngikubonise zonke izinto ezithakazelisayo kakhulu ngamagajethi, isofthiwe, ihadiwe, izitayela zobuchwepheshe, nokuningi. Inhloso yami ukukusiza ukuthi uzulazule emhlabeni wedijithali ngendlela elula nejabulisayo.