security – Does an IP lockout policy prevent most public RDP attacks?

My company uses RemoteApp to provide a “cloud edition” of our desktop software.

The RDP port has been changed from default, and we run RDP Shield, which blocks the IP address after 5 failed login attempts.

Each customer has their own Windows user account on the server they are hosted on (Windows Server 2016). Security software whitelists the programs that can run from their account etc.

I can see that brute-force attacks would be far more difficult due to lockouts, as they would require an endless supply of IP addresses.

But are there other login vulnerabilities that are present, that wouldn’t be present if we used an RD Gateway to log in?

I see RD Gateway always recommended, but can’t see a clear advantage over firewall-based blocking using RDP Shield.

Is TLS inherently more secure than RDP’s encryption?

TL;DR:

Does an IP lockout policy prevent most public RDP attacks?
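As an added illustration (not part of the original question, and not RDP Shield’s code), the following replays the per-IP policy described above (block a source after 5 failed logons) over constructed logon-failure records shaped like Windows Security event 4625, and puts next to it the account-centric check that a per-IP rule cannot express. The threshold, addresses (RFC 5737 test ranges), account names and timestamps are all constructed for the example.

```python
"""Added example (not from the original question): a replay of the per-IP lockout
described above (block a source after 5 failed logons) over constructed logon-failure
records, next to the account-centric check that a per-IP rule cannot express."""
from collections import defaultdict
from datetime import datetime, timedelta

LOCKOUT_THRESHOLD = 5   # failures per source IP before the firewall blocks it (as in the question)

T0 = datetime(2024, 1, 1, 3, 0, 0)
# Constructed records shaped like Security event 4625 (logon failure):
# (timestamp, target account, source IP). Not real log data; RFC 5737 test addresses.
EVENTS = [
    # one source hammering one account: the brute force the lockout is built for
    *[(T0 + timedelta(seconds=2 * s), "alice", "203.0.113.7") for s in range(20)],
    # a spray: 30 sources, each trying the same account only 3 times (under the threshold)
    *[(T0 + timedelta(minutes=5, seconds=5 * i + k), "bob", f"198.51.100.{i}")
      for i in range(30) for k in range(3)],
    # two typos from one office address
    (T0 + timedelta(minutes=10), "carol", "192.0.2.10"),
    (T0 + timedelta(minutes=10, seconds=30), "carol", "192.0.2.10"),
]


def per_ip_lockout(events, threshold=LOCKOUT_THRESHOLD):
    """Run events through a per-IP failure counter.
    Returns (blocked IPs, number of guesses that actually reached the logon)."""
    failures = defaultdict(int)
    blocked = set()
    evaluated = 0
    for _, _, ip in sorted(events):
        if ip in blocked:
            continue                  # dropped at the firewall; the guess is never tried
        evaluated += 1
        failures[ip] += 1
        if failures[ip] >= threshold:
            blocked.add(ip)
    return blocked, evaluated


def spray_candidates(events, window=timedelta(minutes=10), min_sources=10):
    """Accounts whose failures inside one window come from at least min_sources distinct IPs.
    Keyed on the target account, so it fires even when every IP stays below the lockout."""
    by_account = defaultdict(list)
    for ts, account, ip in sorted(events):
        by_account[account].append((ts, ip))
    flagged = {}
    for account, rows in by_account.items():
        for i, (start, _) in enumerate(rows):
            sources = {ip for ts, ip in rows[i:] if ts - start <= window}
            if len(sources) >= min_sources:
                flagged[account] = len(sources)
                break
    return flagged


if __name__ == "__main__":
    blocked, evaluated = per_ip_lockout(EVENTS)
    print(f"blocked: {sorted(blocked)}; guesses that reached logon: {evaluated}")
    print("spray candidates:", spray_candidates(EVENTS))
```

On this constructed input the per-IP rule blocks exactly one address and lets 90 of the 92 hostile guesses reach the logon, because no single spraying source ever reaches five failures; the account-keyed check flags the sprayed account from the same records. That is the gap a per-IP lockout leaves regardless of which port RDP listens on.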

protocols – Defending against Wiegand sniffing (ESPKey) attacks in RFID card readers

It’s known that card readers that use the Wiegand format can be attacked by installing a sniffer, such as an ESPKey. After the sniffer is installed, whenever anyone uses the reader, their credentials get saved, and the attacker can clone them.

What is the defense against this? The article mentions that card readers have a tamper sensor. Is a correctly installed tamper sensor enough to thwart this attack? What exactly does the tamper sensor do, and what happens when it’s set off?

Also, since ESPKey attacks specifically target the interceptable Wiegand protocol, is there some other protocol which provides secure communications? Many articles cite Wiegand as being the most common protocol. What percentage of card readers are vulnerable to this attack, and what’s the next most common non-vulnerable protocol?
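As an added example (not part of the original question and not ESPKey’s firmware), here is an encoder/decoder for the common 26-bit Wiegand frame (the H10301 layout: one even-parity bit, an 8-bit facility code, a 16-bit card number, one odd-parity bit) together with the view a device spliced onto the reader’s D0/D1 lines gets. It shows concretely why a line-level sniffer is enough to clone a badge: every bit is in the clear and nothing in the frame changes between presentations. The facility code and card number used are constructed values.

```python
"""Added example (not from the original question): encoder/decoder for the common
26-bit Wiegand frame (H10301 layout: even-parity bit, 8-bit facility code, 16-bit
card number, odd-parity bit) and what a line-level sniffer on D0/D1 recovers."""


def encode_wiegand26(facility, card):
    """Build the 26 bits the reader clocks out on D0/D1 for a facility code and card number."""
    if not (0 <= facility < 256 and 0 <= card < 65536):
        raise ValueError("facility must fit in 8 bits, card number in 16 bits")
    data = (facility << 16) | card
    bits = [(data >> (23 - i)) & 1 for i in range(24)]   # MSB first
    left, right = bits[:12], bits[12:]
    even_parity = sum(left) % 2          # makes the ones in (P, first 12 bits) even
    odd_parity = 1 - sum(right) % 2      # makes the ones in (last 12 bits, P) odd
    return [even_parity] + bits + [odd_parity]


def frame_is_valid(bits):
    """Both parity checks pass and the frame is 26 bits long."""
    if len(bits) != 26:
        return False
    left, right = bits[1:13], bits[13:25]
    return (bits[0] + sum(left)) % 2 == 0 and (bits[25] + sum(right)) % 2 == 1


def decode_wiegand26(bits):
    """Return (facility, card) from a 26-bit frame; reject bad parity."""
    if not frame_is_valid(bits):
        raise ValueError("not a valid 26-bit Wiegand frame")
    data = 0
    for b in bits[1:25]:
        data = (data << 1) | b
    return data >> 16, data & 0xFFFF


# On the wire each bit is a short low pulse on one of two lines: D0 for a 0, D1 for a 1.
def bits_to_pulses(bits):
    return ["D1" if b else "D0" for b in bits]


def pulses_to_bits(pulses):
    return [1 if p == "D1" else 0 for p in pulses]


def sniff_and_clone(captured_pulses):
    """What a device spliced onto D0/D1 can do with one observed badge presentation:
    decode the credential in the clear and re-emit the identical pulse train later.
    Nothing in the frame is per-transaction, so the replay is indistinguishable."""
    bits = pulses_to_bits(captured_pulses)
    facility, card = decode_wiegand26(bits)
    replay = bits_to_pulses(bits)
    return facility, card, replay


if __name__ == "__main__":
    # Constructed credential, not a real badge.
    frame = encode_wiegand26(123, 45678)
    pulses = bits_to_pulses(frame)
    print("".join(map(str, frame)), sniff_and_clone(pulses)[:2])
```

The only integrity mechanism in the frame is the two parity bits, which exist to catch line noise, not tampering; a sniffer that records the pulses verbatim reproduces a frame that passes both checks, and the controller has no way to tell the replay from the original badge.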

dnd 5e – Can a trickery cleric’s illusory duplicate make opportunity attacks if the cleric has the War Caster feat?

The cleric’s Trickery Domain subclass has the Channel Divinity feature “Invoke Duplicity” which creates an illusory duplicate of the cleric and provides the following abilities:

For the duration, you can cast spells as though you were in the illusion’s space, but you must use your own senses. Additionally, when both you and your illusion are within 5 feet of a creature that can see the illusion, you have advantage on attack rolls against that creature, given how distracting the illusion is to the target. (PHB, pg. 63)

Can this duplicate make opportunity attacks? Or, more precisely, can the cleric make opportunity attacks through their duplicate?

If the cleric has the War Caster feat, they are able to use certain spells as opportunity attack “replacements”:

When a hostile creature’s movement provokes an opportunity attack from you, you can use your reaction to cast a spell at the creature, rather than making an opportunity attack. The spell must have a casting time of 1 action and must target only that creature. (PHB, pg. 170)

This would be necessary for allowing opportunity attacks via the duplicate because the cleric can only cast spells through them, not make weapon attacks there. (Spells with 1-action or 1-bonus-action casting times cannot be used as opportunity attacks, as discussed by Sage Advice here.)

So I think this comes down to a question of reach. Does the illusory duplicate extend the cleric’s reach to include the 5 feet around the duplicate because the duplicate allows the cleric to cast spells “as though (they) were in the illusion’s space”? They are allowed to make melee spell attacks within 5 feet of the duplicate, after all. Or is the cleric’s reach limited to the 5 feet around them, personally?

Can an Intrusion Prevention System (e.g. Snort) prevent CSRF and XSS attacks?

I am currently learning about IPS and was wondering about a query that applies to how IPS works. I have knowledge of CSRF and XSS attacks; however, I am unsure if Intrusion Prevention Systems can prevent these attacks, as an IPS aims to block intrusions and is performed in-line/in-band. If someone could provide me with further clarification, that would be great. Thanks.
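As an added example (not part of the original question, and not Snort’s code), the toy in-line inspector below applies a Snort-style content signature to constructed HTTP requests, to show what a network signature can and cannot see for the two attack classes asked about. The Snort 2 rule in the comment is a model for the matching logic, the hostnames are RFC 2606 reserved names, and the requests are constructed, not captured traffic.

```python
"""Added example (not from the original question): a toy in-line inspector that applies a
Snort-style content signature to constructed HTTP requests, to show what a network
signature can and cannot see in reflected XSS versus CSRF traffic."""
import re
from urllib.parse import unquote, urlsplit

# Constructed requests, not captured traffic. Hostnames are RFC 2606 reserved names.
REQUESTS = {
    "reflected_xss": (
        "GET /search?q=<script>alert(1)</script> HTTP/1.1\r\n"
        "Host: shop.example\r\n\r\n"),
    "encoded_xss": (
        "GET /search?q=%3Cscript%3Ealert(1)%3C/script%3E HTTP/1.1\r\n"
        "Host: shop.example\r\n\r\n"),
    # The same state-changing form post twice; only the Origin header differs.
    "csrf_transfer": (
        "POST /account/transfer HTTP/1.1\r\nHost: shop.example\r\n"
        "Origin: https://attacker.example\r\nCookie: session=abc123\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 22\r\n\r\n"
        "to=mallory&amount=1000"),
    "legit_transfer": (
        "POST /account/transfer HTTP/1.1\r\nHost: shop.example\r\n"
        "Origin: https://shop.example\r\nCookie: session=abc123\r\n"
        "Content-Type: application/x-www-form-urlencoded\r\nContent-Length: 22\r\n\r\n"
        "to=mallory&amount=1000"),
}


def parse_request(raw):
    """Minimal HTTP/1.1 request parser: (method, target, headers, body)."""
    head, _, body = raw.partition("\r\n\r\n")
    request_line, *header_lines = head.split("\r\n")
    method, target, _version = request_line.split(" ", 2)
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return method, target, headers, body


# Modelled on a Snort 2 rule such as:
#   alert tcp any any -> $HOME_NET 80 (msg:"XSS in URI"; flow:to_server,established;
#       content:"<script"; nocase; http_uri; sid:1000001; rev:1;)
# http_uri is the normalized URI buffer, so percent-encoding is undone before matching.
XSS_SIGNATURE = re.compile(r"<script", re.IGNORECASE)


def xss_signature_hits(raw, normalize_uri=True):
    """True when the (optionally normalized) request URI contains the signature."""
    _, target, _, _ = parse_request(raw)
    uri = unquote(target) if normalize_uri else target
    return XSS_SIGNATURE.search(uri) is not None


ALLOWED_ORIGINS = {"https://shop.example"}      # assumed: the protected site's own origin
STATE_CHANGING = {"POST", "PUT", "PATCH", "DELETE"}


def csrf_origin_check_hits(raw):
    """The only on-the-wire hint for CSRF: a state-changing request whose Origin (or
    Referer) is a foreign site. Body and cookie are identical to a legitimate request."""
    method, _, headers, _ = parse_request(raw)
    if method not in STATE_CHANGING:
        return False
    source = headers.get("origin") or headers.get("referer")
    if source is None:
        return False      # nothing to judge on; only the application's anti-CSRF token can decide
    u = urlsplit(source)
    return f"{u.scheme}://{u.netloc}" not in ALLOWED_ORIGINS


def same_payload(raw_a, raw_b):
    """True when two requests are identical in method, target and body."""
    a, b = parse_request(raw_a), parse_request(raw_b)
    return (a[0], a[1], a[3]) == (b[0], b[1], b[3])
```

Two things fall out of running this. A reflected XSS payload is visible in the inbound URI, so a signature catches it as long as the inspector matches on the normalized buffer (the raw-bytes match misses the percent-encoded variant). The CSRF request carries the same method, path, cookie and body as the legitimate one, so no content signature can separate them; the Origin/Referer comparison is a heuristic that only works when the header is present and is not a substitute for a server-side anti-CSRF token.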

dnd 5e – If I have the fighter’s Extra Attack feature and the warlock’s Thirsting Blade eldritch invocation, how many attacks can I make?

Firstly, minor point, you need to be level 5, not 4, to take Thirsting Blade:

Prerequisite: 5th level, Pact of the Blade feature

And it states:

You can attack with your pact weapon twice, instead of once, whenever you take the Attack action on your turn.

Extra Attack says the same thing:

Beginning at 5th Level, you can Attack twice, instead of once, whenever you take the Attack action on Your Turn.

So the limit is still two attacks per turn.

But it is even more explicitly stated in the multiclassing section:

If you gain the Extra Attack class feature from more than one class, the features don’t add together. You can’t make more than two attacks with this feature unless it says you do (as the fighter’s version of Extra Attack does). Similarly, the warlock’s eldritch invocation Thirsting Blade doesn’t give you additional attacks if you also have Extra Attack.

dnd 5e – For the Swarmkeeper ranger’s Gathered Swarm feature, does being moved by the swarm provoke opportunity attacks?

No, it doesn’t.

The rules for opportunity attacks state the following (emphasis mine):

You don’t provoke an opportunity attack when you teleport or when someone or something moves you without using your movement, action, or reaction.

Gathered Swarm clearly states that the swarm moves you. Furthermore, this movement does not use your action (as it is a rider effect on an attack), and it doesn’t use your own movement. Therefore, you do not provoke an opportunity attack.

file inclusion – How to perform RFI attacks?

I am now learning about RFI attacks and I am practising with some pieces of code, trying to perform RFI in order to understand the situation better. Now I am stuck on this one:

<?php
// $language is assumed to arrive from the request (e.g. ?language=english), as in the URL below.
if (!isset($language)) {
    $language = 'english';
} else {
    // Pattern as posted: a group matching the literal text "a-z-" at the start of the string.
    $language = preg_replace('/(^a-z-)/', '', $language);
}

if (file_exists("../lan/$language/info.inc.php")) {
    include("../lan/$language/info.inc.php");
} else {
    echo "There is no such file";
}

Let’s say that the URL is something like some_site/directory1/directory2/something.php?language=english

I know that I am supposed to give another value in language in the URL but I am not sure what exactly can be done. I think that file_exists makes my job much harder.

Is there any way to perform an RFI attack here?

Thanks in advance!
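As an added example (not part of the original question, and not a solution to the exercise), the filter from the posted snippet is transcribed into Python’s re, which treats this particular pattern exactly as PCRE does, so you can check what the sanitizer actually removes and what string the include statement ends up with. The script directory used to resolve the relative path is a hypothetical value, and the allow-list at the end is the fix a reviewer would ask for, not code from the exercise.

```python
"""Added example (not from the original question, and not the solution to the exercise):
the posted filter transcribed into Python's re, which treats this pattern the same way
PCRE does, so you can check what the sanitizer actually removes and what path the
include statement ends up with."""
import re
import posixpath

# The pattern as posted: a group matching the literal text "a-z-" anchored at the start.
AS_WRITTEN = re.compile(r"(^a-z-)")
# The character class the author presumably intended: any character that is not a-z or '-'.
AS_INTENDED = re.compile(r"[^a-z-]")


def filter_as_written(language):
    return AS_WRITTEN.sub("", language)


def filter_as_intended(language):
    return AS_INTENDED.sub("", language)


def include_target(language, sanitizer):
    """The string handed to file_exists()/include() after the sanitizer runs."""
    return f"../lan/{sanitizer(language)}/info.inc.php"


def resolved_on_disk(include_path, script_dir="/var/www/html/app"):
    """Where the relative path lands, assuming a hypothetical script directory."""
    return posixpath.normpath(posixpath.join(script_dir, include_path))


# A fix a reviewer would ask for: allow-list bundle names instead of filtering characters.
ALLOWED_LANGUAGES = {"english", "german", "french"}   # assumed set of bundles


def filter_allowlist(language):
    return language if language in ALLOWED_LANGUAGES else "english"


if __name__ == "__main__":
    for value in ["english", "a-z-english", "../../etc/passwd", "http://attacker.example/"]:
        print(f"{value!r:30} -> {include_target(value, filter_as_written)}")
```

Running it shows that the filter as written is a no-op for every input except one that literally starts with `a-z-`, so dots and slashes pass straight through. Two other things constrain the attack and match the observation in the question: the include string always begins with the fixed `../lan/` prefix, so PHP never interprets it as a URL (this is path traversal territory rather than remote inclusion), and whatever is supplied must still resolve to a path ending in `/info.inc.php` for `file_exists` to return true.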

dnd 5e – Maximizing Wisdom-based ranged attacks per round

Is there any combination of abilities that allow one to make multiple ranged attacks per turn, every turn, that are Wisdom-based?

Examples of the sort of things I have in mind:

  • Some way to use Wisdom with ranged weapon attacks that is compatible with Extra Attack and/or two-weapon fighting
  • Some way to get eldritch blast to use Wisdom
  • Some other cantrip that includes multiple attacks, and uses Wisdom

If there are multiple approaches, the one which achieves the greatest number of “hits” (even if it does less damage) is ideal for my purposes. If there are multiple approaches to getting the same number of attacks, then I’ll likely favor whichever does so at the earliest level, though depending on the details other considerations (such as how many resources are dedicated to this) may win out.

The only option I am aware of for this is magic stone, but that has some awkward impediments:

  • You need a bonus action to set it up
  • It’s not clear that throwing a magic stone is compatible with Extra Attack, and it probably isn’t compatible with two-weapon fighting
  • Using a sling is on better ground with respect to Extra Attack, but definitely cannot achieve two-weapon fighting. Some still argue it cannot work with Extra Attack, too.

Feats, variant human, and various Tasha’s alternate or optional features are allowed. Unearthed Arcana content is allowed so long as it hasn’t been superseded by official publications, but I would prefer non-UA content. Regardless, please note the source of all materials going into achieving the build.