Main Menu

FreeRDP

Started by Bloody Jack Kidd, April 10, 2012, 02:30:05 PM

Previous topic - Next topic

0 Members and 1 Guest are viewing this topic.

Bloody Jack Kidd

Anyone ever used FreeRDP for anything?
Sysadmin - Parallel42

Mark

Not I.  Pretty sure that I used the rdesktop fork at some point because the name rings a bell, and I KNOW I used rdesktop a million times.  But, once I'm out of the office, I try to stay away from computers.

I have one Windows 7 machine at home I use once or twice a week.  Usually on Saturday mornings when I'm putting in an hour or two of work (updates, reboots, maintenance, etc, etc).

You have questions about it?
Mark Piontek, MBA
Director of Information Systems
BS in Information Systems Security

Bob

Quote from: Bloody Jack Kidd on April 10, 2012, 02:30:05 PM
Anyone ever used FreeRDP for anything?

I am always suspect of FREE anything and what baggage comes along not disclosed.  More so with rdp or any remote access.  I know you'll dissect that app and monitor it, so let us know what you think.

Mark

Quote from: Bob Connor on April 10, 2012, 03:11:18 PM
I am always suspect of FREE anything and what baggage comes along not disclosed. 

Bob, don't discolor the line between FREEWARE and Open Source Software.  It is not grey.  ;)
Mark Piontek, MBA
Director of Information Systems
BS in Information Systems Security

Bob

True but don't you think sooner or later someone will out smart the smart ones even with the checks in place.   Hell I would what better way.  Some of the best hacks today we don't even know yet.  Lay low, don't draw attention and keep on collecting blow the world away later with how long it's been going down.    Open source is good no doubt.  Sooner or later it has to be violated as with everything else.  RDP not an area I would trust because of people who think like I do.   I couldn't do it, but I believe nothing is impossible no matter how difficult.  Just cautious with remote access.

No doubt open source different bird than freeware.  :)

Mark

Sure, but this horse has been beaten before.  The beauty of Open Source is that the source is open.  Anyone who can read it can read it.  and they do.  As long as you check the MD5 hash against the official MD5 hash and it matches, then you are at no more risk that using non-open source stuff -- where you CANT see the code that you are running.

What you say has happened before, though.  Someone uploaded a modified version of something popular (can't seem to recall what package it was) to the official site and anyone who had downloaded it during a specific window was advised to remove and re-download.  But,this could happen anywhere.  If one had the intentions to, they could easily compromise a download server, replace a file with an infected one, and you could essentially purchase an infected program.

So, I don't think there is an argument here.  It is a way of thinking, similar to the thought that Mac's do not need anti-virus, that I'd like to see change.  The facts are out there.  8)
Mark Piontek, MBA
Director of Information Systems
BS in Information Systems Security

Bob


Agreed!  With me it's just an RDP thing...  LOL    :)

Jeff Golas

Wasn't that Limewire or Napster or something (or Bearshare or one of those P2P things otherwise).
Jeff Golas
Johnson, Kendall & Johnson, Inc. :: Newtown, PA
Epic Online w/CSR24
http://www.jkj.com

Mark

Quote from: Jeff Golas on April 10, 2012, 03:57:40 PM
Wasn't that Limewire or Napster or something (or Bearshare or one of those P2P things otherwise).

No. lol.  Not at all.  It was definitely Open Source if I am remembering correctly.  I want to say it was something from Apache?  It's driving me nuts that I can't remember what it was...
Mark Piontek, MBA
Director of Information Systems
BS in Information Systems Security

Jeff Zylstra

Quote from: Jeff Golas on April 10, 2012, 03:57:40 PM
Wasn't that Limewire or Napster or something (or Bearshare or one of those P2P things otherwise).

I was under the impression that most of those P2P programs were fatally flawed and didn't need anyone to hack them as they were unsafe right of the box!  ;)
"We hang the petty thieves, and appoint the great ones to public office"  -  Aesop

Bloody Jack Kidd

Quote from: Mark on April 10, 2012, 04:01:24 PM
Quote from: Jeff Golas on April 10, 2012, 03:57:40 PM
Wasn't that Limewire or Napster or something (or Bearshare or one of those P2P things otherwise).

No. lol.  Not at all.  It was definitely Open Source if I am remembering correctly.  I want to say it was something from Apache?  It's driving me nuts that I can't remember what it was...

I think you might be right - it wasn't Apache, but one of their other projects, someone committed some nefarious code or something...
Sysadmin - Parallel42

Mark

#11
Yeah, it was a few months ago, maybe the end of 2011 -- and I wasn't suggesting it was Apache but I feel like it was FROM Apache... but maybe it was just something that uses the Apache license and that is what is sticking in my head, lol.  I'm never good with all these different licenses!

Anyway, I can picture the download page, just not the name of the download.

EDIT: Just realized you already said "one of their other projects".  I skimmed through my twitter posts and I must not have posted it or it was further back in time than I remember.  Maybe it was Cantana?  Err, what's it called, tomcat, yeah, that's it.  Might it have been tomcat?
Mark Piontek, MBA
Director of Information Systems
BS in Information Systems Security