Answer the question
In order to leave comments, you need to log in
How to securely distribute the Internet from your phone so that no one can connect remotely?
Good afternoon.
Background:
Recently, he began working in an infectious diseases hospital as a system administrator, when quarantine was introduced - he had to move away from his family so as not to put them at risk.
Network status at the moment:
In the new "house" there is a system unit with windows 7, without a monitor and a laptop with ubuntu 16.04 I distribute the Internet from the phone -> the laptop catches it and distributes it to the system unit. I manage the system unit via RDP (remmina) through a laptop.
Essence of the question:
What can I do to make it impossible to connect via RDP to my system unit from the Internet? Remote control of the system unit from a laptop must be preserved, the Internet on the system unit is not essential.
Sad experience, what I'm afraid of:
At work, a senior programmer forwarded a port on the router in order to set up a server from home, the attackers took advantage of this and in just a few hours the server ceased to belong to us, they connected via RDP and archived all the information, leaving a text file demanding money for the archive password. I am afraid that my sistemnik will suffer the same fate.
Thanks in advance for your replies.
Answer the question
In order to leave comments, you need to log in
You work as an IT specialist.... this information that you should know...
No one will connect to you, mobile phones have gray ip addresses. Ca n't connect to them.
How about the programmer, did they crack rdp? Was there a simple username/password?
There is protection against password brute force, it was necessary to configure it correctly
. In general, rdp usually does not open to the “world”, only through vpn
I am afraid that my sistemnik will suffer the same fate.
At work, a senior programmer forwarded a port on the router in order to set up a server from home, attackers took advantage of this
This is how non-trivially an ordinary enikey worker with zero knowledge calls himself a system administrator. No offense. Craving for knowledge - already excellent. I would look into the eyes of OK, who introduced the position of "senior programmer" to the state. Something tells me that he did not write any programs ...
ZY . To the kind colleagues who unsubscribed in the comments above, my respect. They answered all the questions, I repeat on my own - through the phone you are behind the provider's name, there is no reason to worry. As correctly advised - if you are worried, disable the checkbox in the properties of the system in remote access.
Didn't find what you were looking for?
Ask your questionAsk a Question
731 491 924 answers to any question