Virtual Desktop is a hacker tool?

Question

Windows and Linux remote/virtual desktop products are readily available from multiple providers.How do you defend against hackers using these to attack your SaaS server? You can't block a single IP because they are dynamic. You can't block the address range because some IPs are legitimate users.

sysadm1n · Accepted Answer

> How do you defend against hackers using these to attack your SaaS server?This is a broad question. There are multiple ways to defend, besides basic security like firewalls. Blocking nefarious IPs or domains only gets you so far, as something will slip through the cracks. Try reading this: https://opsec101.org/

josephcsible · Answer

Instead of exposing them directly to the Internet, have them bind only to localhost. Then run an SSH server so that people can tunnel through it to the ports, and prevent brute force logins by configuring the SSH server to only use public-key authentication.