How safe is RDP?

G

Guest

i remotely connect to my work via an ipsec vpn and use rdp to connect to the
workplaces terminal server. its extremely fast and is impressive by anybodies
standards.
however as with all ipsec's, they need configuring at both endpoints. pptp
isn't the answer here either as it requires setting up at the client end. ssl
is a so;ution to the problem but requires extra hardware/software.
what i'm after is a zero cost & zero configuration on the client side ie a
raw rdp connection from any xp client. this obviously opens up the PC on the
firewall on 3389 to external connections.
my question? how safe is this? i've configured an account lockout policy and
enforced strong passwords.
any help would be appreciated.
 
S

Sooner Al [MVP]

The native RDP data stream is encrypted. See this reference for details...

http://tinyurl.com/8bvj

Personally I run RDP through a SSH tunnel for added security (I also use a
private/public key pair w/strong pass phrase for authentication) and its
easy to access more than one RDP host through the tunnel.

I think I would stick with the IPSec VPN if you have it up and running and
RDP is working through it...

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the mutual
benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
B

beb

When you keep the host updated then, the man in the middle security attack
is what you should be concerned about .If you follow Mr. Sooner's advice
about secure tunnelling then that will take care of that hole.

Other than that the man in the middle threat, RDP is pretty secure when
configured with some of things you alluded to, strong password, user policy,
lockout policy, logging etc. ect.
 
G

Guest

thanks for the replies. the reason i ask is because i want to connect via any
xp pc eg i am at my friends house etc. and do not have the luxury of an ssh
tunnel, ipsec etc
regards
louis
 
P

Peter

thanks for the replies. the reason i ask is because i want to connect via
any
xp pc eg i am at my friends house etc. and do not have the luxury of an ssh
tunnel, ipsec etc
regards
louis
Click to expand...

If you cannot trust security of their computer, then you are insecure.
They might have keylogger installed, without even being aware.

Travel with your own computer (laptop?).
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

RDP intermitant connections 1
Storing different credential for different RDP sessions 4
RDP Service Not Functional 5
Multiple Remote Desktop Connections thru Router? 4
how to clear the trace of RDP to give way to other software? 4
Got VPN ...but how do I ensure RDP is using it? 6
SP2 breaks RDP Access 6
VPN works, RDP works but only by IP address 11

Top