Remote Desktop Security

Name

Hi,

My question is about the security of Remote Desktop. I have heard elsewhere
that RDP communication is/may be encrypted.

Can anybody elaborate on what kind of encryption this is, and whether it can be turned
on/off? What is the default status?

Are there any flaws in this encryption so that we will need another VPN to
pass the RDP connection through?

Thanks for any help,
Regards
 
Bill Sanderson

I think Al's links are authoritative.

There have been flaws in the RDP encryption system in the past, but they are
long since patched:

http://www.microsoft.com/technet/security/bulletin/MS02-051.mspx

RDP alone as a protocol is vulnerable to a man in the middle attack.

Such an attack is not easy to mount, but note this evidence:

http://bitstop.com.ph/archive/2004/11/16/609.aspx

Here's a description of the issue:

http://www.windowsitpro.com/WindowsSecurity/Articles/ArticleID/38589/pg/2/2.html

RDP hasn't been changed to eliminate this problem. Running RDP within a VPN
tunnel helps.

The other issue with RDP is brute force attacks on the password.

There are automated mechanisms out there and in use performing such attacks,
so use a strong password.
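
An added example, not part of the original posts: a defender-side check for the automated password guessing mentioned above, counting failed RDP logons per source address in a sliding time window. It assumes the Windows Security log has been exported to simple comma-separated records; that layout, the sample records and the function names are constructed for this example.

```python
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample records: "timestamp,event_id,logon_type,source_ip,account".
# The column layout is an assumption for this example, not a native Windows export format.
SAMPLE_LOG = """\
2024-05-01T10:00:00,4625,10,203.0.113.7,administrator
2024-05-01T10:00:10,4625,10,203.0.113.7,administrator
2024-05-01T10:00:20,4625,3,203.0.113.7,admin
2024-05-01T10:00:30,4625,3,203.0.113.7,admin
2024-05-01T10:00:40,4625,10,203.0.113.7,bill
2024-05-01T10:00:50,4625,10,203.0.113.7,bill
2024-05-01T09:00:00,4625,10,198.51.100.20,bill
2024-05-01T12:00:00,4625,10,198.51.100.20,bill
2024-05-01T12:00:30,4624,10,198.51.100.20,bill
2024-05-01T08:00:00,4625,10,192.0.2.50,guest
2024-05-01T09:00:00,4625,10,192.0.2.50,guest
2024-05-01T10:00:00,4625,10,192.0.2.50,guest
2024-05-01T11:00:00,4625,10,192.0.2.50,guest
2024-05-01T12:00:00,4625,10,192.0.2.50,guest
2024-05-01T10:00:05,4625,2,203.0.113.9,administrator
"""

FAILED_LOGON = "4625"          # Windows Security log: an account failed to log on
RDP_LOGON_TYPES = {"3", "10"}  # 10 = RemoteInteractive; 3 = Network (RDP with NLA)

def parse(log_text):
    """Yield (timestamp, event_id, logon_type, source_ip, account) per record."""
    for line in filter(str.strip, log_text.splitlines()):
        ts, event_id, logon_type, ip, account = line.strip().split(",")
        yield datetime.fromisoformat(ts), event_id, logon_type, ip, account

def find_guessing_sources(log_text, threshold=5, window=timedelta(minutes=2)):
    """Return {source_ip: accounts it failed against} for bursts of failed RDP logons."""
    recent = defaultdict(deque)   # ip -> failure timestamps still inside the window
    accounts = defaultdict(set)   # ip -> every account named in its failed RDP logons
    flagged = set()
    for ts, event_id, logon_type, ip, account in sorted(parse(log_text)):
        if event_id != FAILED_LOGON or logon_type not in RDP_LOGON_TYPES:
            continue              # ignore successes and non-RDP logon types
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window: # drop failures that fell out of the window
            q.popleft()
        accounts[ip].add(account)
        if len(q) >= threshold:
            flagged.add(ip)
    return {ip: sorted(accounts[ip]) for ip in flagged}
```

With the default threshold only the source that fails six times in under a minute is reported; the user who mistypes twice hours apart and the source whose failures are spread across the day are not.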
 
