How to check RDP is secured

T

tman

Can anyone tell me if there is a way to check if an RDP connection is
encrypted ok? Via local group policy, I enabled the RDP security feature on
the RDP server, and the RDP client connects ok, but I can't obviously tell
if the connection is encrypted or not (no warning, no systray icon etc).

Thanks
 
S

Sooner Al [MVP]

tman said:
Can anyone tell me if there is a way to check if an RDP connection is
encrypted ok? Via local group policy, I enabled the RDP security feature
on the RDP server, and the RDP client connects ok, but I can't obviously
tell if the connection is encrypted or not (no warning, no systray icon
etc).

Thanks
Click to expand...

Remote Desktop is encrypted natively. You can configure the host/server PC
to only use "High" encryption via a group policy. That is the way I
configure my host/server PCs. Beyond that you might look into a packet
sniffer of some sort to verify the data link is encrypted.

Some folks do run Remote Desktop through VPN or SSH tunnels for other
reasons including added security, strong authentication, etc...

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
T

tman

Thanks for the quick reply. I used a sniffer, and the payload definately
appeared as unreadable, so I was hoping the encryption was enabled. This
requirement is for some remote customers to connect to an XP client over the
internet. They don't really have much experience on encrypting/tunneling so
I wanted to keep it simple. RDP is ok for them, so as long as I make the
correct policy settings on the XP 'server', they should be ok. For there
needs, 128-bit RC4 enc should be acceptable.
 
S

Sooner Al [MVP]

tman said:
Thanks for the quick reply. I used a sniffer, and the payload definately
appeared as unreadable, so I was hoping the encryption was enabled. This
requirement is for some remote customers to connect to an XP client over
the internet. They don't really have much experience on
encrypting/tunneling so I wanted to keep it simple. RDP is ok for them, so
as long as I make the correct policy settings on the XP 'server', they
should be ok. For there needs, 128-bit RC4 enc should be acceptable.
Click to expand...
In addition to the "High" security setting I also configure my standalone
RDP host or TS server to always prompt for a password. Again that is via a
group policy. You might be interested in this RDP 6 authentication FAQ from
the TS team blog...

http://blogs.msdn.com/ts/archive/2007/01/22/vista-remote-desktop-connection-authentication-faq.aspx

--

Al Jarvi (MS-MVP Windows Networking)

Please post *ALL* questions and replies to the news group for the
mutual benefit of all of us...
The MS-MVP Program - http://mvp.support.microsoft.com
This posting is provided "AS IS" with no warranties, and confers no
rights...
 
R

Rich Raffenetti

If you are using TLS/SSL certificate-based RDP, a padlock appears on the
retractable bar at the top of the screen on the client PC. I wish I knew
what to call that bar!
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Similar Threads

RDP Win7, what files are stored locally? 3
Remote Desktop - Interactive Logon Message 0
Check XP RDP Session is on or not 1
RDP One-Way Only COME ON SOMEONE KIND!! 10
Issue with RDP and databe disconnects 0
Private LAN & Setting Up RDP - Sorta Stuck 1
Sarbanes Oxley - is RDP OK? 1
Can't rdp in Vista 5

Top