Remote Desktop Security

Name

Jan 12, 2003
Archived from groups: microsoft.public.windowsxp.work_remotely

Hi,

My question is about the security of Remote Desktop. I have heard elsewhere
that RDP communication is/may be encrypted.

Can anybody elaborate on what kind of encryption this is? Can it be turned
on/off? What is the default status?

Are there any flaws in this encryption so that we will need another VPN to
pass the RDP connection through?

Thanks for any help,
Regards
 

Read all about it here...

http://msdn.microsoft.com/library/default.asp?url=/library/en-us/termserv/termserv/remote_desktop_protocol.asp

If you need to feel safer, run RDP through a VPN or SSH tunnel.

--
Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no rights...

 

I think Al's links are authoritative.

There have been flaws in the RDP encryption system in the past, but they are
long since patched:

http://www.microsoft.com/technet/security/bulletin/MS02-051.mspx

RDP alone as a protocol is vulnerable to a man-in-the-middle attack.

Such an attack is not easy to mount, but note this evidence:

http://bitstop.com.ph/archive/2004/11/16/609.aspx

Here's a description of the issue:

http://www.windowsitpro.com/WindowsSecurity/Articles/ArticleID/38589/pg/2/2.html

RDP hasn't been changed to eliminate this problem. Running RDP within a VPN
tunnel helps.

The other issue with RDP is brute-force attacks on the password.

There are automated mechanisms out there and in use performing such attacks,
so use a strong password.
