Security notes for JTL-Wawi Cloud with eComData

Security notes for JTL-Wawi Cloud with eComData

I had already roughly compared eComData’s offering regarding JTL Wawi Cloud with other remote desktop solutions in a previous post, but now I was lucky enough to have had a customer with a JTL Wawi Cloud RDP hosting.

The customer also wanted a brief overview regarding security. By default, JTL-Wawi Cloud also includes a www as well as an FTP server. However, the default user including password is also the default user for the FTP server. This makes brute force attacks much easier, since an attack is possible via RDP as well as FTP. The default www server can also become a security threat if updates are omitted

What surprised me more was the fact that the NetBios and SMB ports were open. SMB allows access to Windows file sharing in this configuration from the outside.

This open SMB port is therefore a high security risk, because the SMB protocol is not exactly known for its security

Basically, I also don’t think much of allowing RDP connections from every client and always recommend limiting the accessing IPs by a fixed IP or a VPN.

What I also noticed with the eComData JTL Server offer was the fact that a Sectigo SSL certificate was stored for the RDP protocol. This unfortunately suggests that the same certificate is used for all servers, which would also be a problem in terms of data protection. However, I could not verify if this is actually the case, since only this one JTL server was available to me.

You want to improve the security of your Windows server? Write me via my contact form.

Leave a Reply

Your email address will not be published. Required fields are marked *