Archived from groups: microsoft.public.windows.server.security,microsoft.public.windowsnt.terminalserver.connectivity,microsoft.public.windowsnt.terminalserver.protocols.rdp (
More info?)
Microsoft just released an advisory that Terminal Services (RDP) are
vulnerable to a Denial of Service attack.
http://www.microsoft.com/technet/security/advisory/904797.mspx
This doesn't have anything to do with wireless, over which you are just as
secure as any other medium. However, you'll want to know about this.
Chris
"Mark Findlay" <mfindlay@speakeasy.org> wrote in message
news:esNQpM$iFHA.3436@tk2msftngp13.phx.gbl...
> Correct, thanks Steve for the added info.
>
> For anyone else reading, I also changed the default port that RDC listens
> on so that hackers trying 3389 would fail.
>
> Thanks!
> Mark
>
> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
> news:eWZCPk3iFHA.1232@TK2MSFTNGP15.phx.gbl...
>> Thanks for that info Mike. In this case I believe the user is probably
>> using XP Pro [home pc mentioned]. If that is the case he still could use
>> local Group Policy to make sure default high encryption is enforced by
>> going to computer configuration/administrative templates/Windows
>> components/terminal services/encryption and security. --- Steve
>>
>>
>> "Miha Pihler [MVP]" <mihap-news@atlantis.si> wrote in message
>> news:uby9wV3iFHA.3692@TK2MSFTNGP09.phx.gbl...
>>> Hi,
>>>
>>> If I may add, just double check on Terminal server that the Encryption
>>> Level is set to at least High.
>>>
>>> For added security you could also add TLS to prevent e.g.
>>> "man-in-the-middle" attacks...
>>>
>>> How to configure a Windows Server 2003 terminal server to use TLS for
>>> server authentication
>>>
http://support.microsoft.com/?id=895433
>>>
>>> --
>>> Mike
>>> Microsoft MVP - Windows Security
>>>
>>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
>>> news:%23b%23v05yiFHA.3656@TK2MSFTNGP09.phx.gbl...
>>>> Remote Desktop establishes the tunnel before you logon. You do not
>>>> have to do anything special. Just make sure you use real strong
>>>> passwords on your computer as others most likely attempt to logon also
>>>> when they see port 3389 TCP open on your computer. I would also enable
>>>> auditing of logon events in Local Security Policy so that you can keep
>>>> track of such. If you find an abuser you could try to configure your
>>>> firewall or ipsec filter to block access from that persons public IP
>>>> address. --- Steve
>>>>
>>>>
>>>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
>>>> news:eMA8jNyiFHA.1412@TK2MSFTNGP09.phx.gbl...
>>>>> Thanks Steve,
>>>>>
>>>>> Just to clarify my understanding: the "secure tunnel" you refer to -
>>>>> that's something that RDC creates automatically on my behalf? In other
>>>>> words, there are no special configurations or special connection
>>>>> settings I need to create on my laptop or the target PC? I only ask
>>>>> since I had seen some references in other postings to private VPN
>>>>> etc., and I don't have any of that set up. I am just using the default
>>>>> installations of XP on both laptop and PC.
>>>>>
>>>>> If there are any special configuration steps I need in order to
>>>>> establish the "secure tunnel", could you elaborate on those?
>>>>>
>>>>> Many thanks!
>>>>> Mark
>>>>>
>>>>> "Steven L Umbach" <n9rou@nospam-comcast.net> wrote in message
>>>>> news:eIHF00kiFHA.2644@TK2MSFTNGP09.phx.gbl...
>>>>>> The secure tunnel is created before you enter your credentials and
>>>>>> even then your password is never sent over the network. However I
>>>>>> would never enter my credentials on a public kiosk computer or other
>>>>>> computer that I do not know is secure/clean. From your description it
>>>>>> sounds as if you are using your own laptop. --- Steve
>>>>>>
>>>>>>
>>>>>> "Mark Findlay" <mfindlay@speakeasy.org> wrote in message
>>>>>> news:%23ZSCsSkiFHA.500@TK2MSFTNGP09.phx.gbl...
>>>>>>> Greetings experts!
>>>>>>>
>>>>>>> When I am using free public wireless hotspots such as coffee-houses,
>>>>>>> etc., the security warning indicates that the connection is not
>>>>>>> secure, and I understand that (essentially
>>>>>>>
>>>>>>> My question is: If I use an un-secured wireless network connection,
>>>>>>> then attempt to use Windows Remote Desktop Connection to connect to
>>>>>>> my PC at home, is the username and password I type into the Remote
>>>>>>> Desktop Connection settings encrypted or otherwise protected? Or am
>>>>>>> I at risk of hackers intercepting the login credentials I pass to
>>>>>>> RDC?
>>>>>>>
>>>>>>> Thanks!
>>>>>>
>>>>>>
>>>>>
>>>>
>>>>
>>>
>>>
>>
>>
>