Radmin Default Installation Security Vulnerabilities

June 30, 2008 – 10:21 AM

“By default, Radmin uses a known port, TCP port 4899 for remote access. In addition, if you are using password authentication only, a remote user only has to find an open TCP port 4899 and guess one word: your password.

Suggestions:
It is very easy to implement any or all of the following suggestions:
1) Change the default port from 4899 to something else.
2) Use IP addresses filtering to limit the host range if possible.
3) If Radmin is running on NT, Win2k or XP PRO, use WinNT options (enable the NTLM authentication option, “WinNT options”) or use a STRONG password.
4) Enable the log file and look for unknown addresses attempting to access your server.
5) Put Radmin behind a Firewall and access via VPN.”

Source:
http://www.securiteam.com/securitynews/5VP060U8AO.html

You must be logged in to post a comment.