I was recently away on a training course and went in to an internet cafe to
connect to work via RDP. When I was done, I could not figure out how to
clear our servername (in the Connect to box), my username and our domain
from the RDP connection window. This means someone could potentially sit
down at this machine and have everything they need to connect to our
terminal server except for my password!

There must be an easy way to remove this information from a PC...

Can anyone help me??

Thanks,

Brad

Delete the default.rdp file from the My Documents folder

Delete the MRU entry from the registry,

HKCU\Microsoft\Terminal Server Client\Default

Delete entry under LocalDevices, if you instructed the client
not to ask you again about drive redirection,

HKCU\Microsoft\Terminal Server Client\LocalDevices

You should change your password immediately after using
a public or other non-secure computer. Internet cafe
computers could easily have a keyboard logger installed.

-TP

Brad Pears wrote:
> I was recently away on a training course and went in to an internet
> cafe to connect to work via RDP. When I was done, I could not figure
> out how to clear our servername (in the Connect to box), my username
> and our domain from the RDP connection window. This means someone
> could potentially sit down at this machine and have everything they
> need to connect to our terminal server except for my password!
>
> There must be an easy way to remove this information from a PC...
>
> Can anyone help me??
>
> Thanks,
>
> Brad

This is not your intial question, but that why I do NOT recommend to have a
TS server exposed to the web. You shoud protect it behind a VPN. Any kind of
VPN will be fine (PPTP, SSL, ...). For you, the PPTP one can comes for free
with your Windows Server, and it easy to setup on client machine. As a matter
of fact, SSL is the more convenient. By the way, do not forget to setup your
users account to lockup after, say, 3 bad login/password. For the cleaning of
the list, the answer above is comprehensive.

Regards,

"Brad Pears" wrote:

> I was recently away on a training course and went in to an internet cafe to
> connect to work via RDP. When I was done, I could not figure out how to
> clear our servername (in the Connect to box), my username and our domain
> from the RDP connection window. This means someone could potentially sit
> down at this machine and have everything they need to connect to our
> terminal server except for my password!
>
> There must be an easy way to remove this information from a PC...
>
> Can anyone help me??
>
> Thanks,
>
> Brad
>
>
>

On Sun, 19 Feb 2006 02:21:27 -0800, "RP-FR" <(E-Mail Removed)>
wrote:

-This is not your intial question, but that why I do NOT recommend to have a
-TS server exposed to the web. You shoud protect it behind a VPN. Any kind of
-VPN will be fine (PPTP, SSL, ...). For you, the PPTP one can comes for free
-with your Windows Server, and it easy to setup on client machine. As a matter
-of fact, SSL is the more convenient. By the way, do not forget to setup your
-users account to lockup after, say, 3 bad login/password. For the cleaning of
-the list, the answer above is comprehensive.
-
Why is this more secure in the scenario he outlined?

If a keylogger was installed on the PC in question, then the OP would have still
had to setup a VPN connection from the internet cafe, which would have meant
typing his password........
-Rob
robatwork at mail dot com

That's why I will probably never connect with TS from a public computer.
That's also why my latop is always with me when it's time to do some serious
job across the web.

Anyway, I think thit is another question. My position is quite simple: no TS
server directly on the WAN side. By the way and regarding Internet Café, I
hope that most of them have secure computer with no way for user to setup any
kind of malware.

Regards,

Raphael

"Rob S" wrote:

> On Sun, 19 Feb 2006 02:21:27 -0800, "RP-FR" <(E-Mail Removed)>
> wrote:
>
> -This is not your intial question, but that why I do NOT recommend to have a
> -TS server exposed to the web. You shoud protect it behind a VPN. Any kind of
> -VPN will be fine (PPTP, SSL, ...). For you, the PPTP one can comes for free
> -with your Windows Server, and it easy to setup on client machine. As a matter
> -of fact, SSL is the more convenient. By the way, do not forget to setup your
> -users account to lockup after, say, 3 bad login/password. For the cleaning of
> -the list, the answer above is comprehensive.
> -
> Why is this more secure in the scenario he outlined?
>
> If a keylogger was installed on the PC in question, then the OP would have still
> had to setup a VPN connection from the internet cafe, which would have meant
> typing his password........
> -Rob
> robatwork at mail dot com
>

On Mon, 20 Feb 2006 06:31:27 -0800, "RP-FR" <(E-Mail Removed)>
wrote:

-Anyway, I think thit is another question. My position is quite simple: no TS
-server directly on the WAN side. By the way and regarding Internet Café, I
-hope that most of them have secure computer with no way for user to setup any
-kind of malware.

I'd guess you overestimate the abilities or desires of internet cafes. I suspect
most of them simply wipe their PCs and build their PCs from a clean ghost image
daily / weekly....


-Rob
robatwork at mail dot com