|
#1
01-05-2006, 07:13 AM
|
|||
|
|||
How secured is Remote Desktop?
How secured is Remote Desktop in its default settings when both machines are
XP Pro with the latest patches? Obviously the initial handshaking when username and password are sent is encrypted, but is subsequent data tranfer also encrypted as well? If so how strong is the encryption? 
|
|
#2
01-05-2006, 07:13 AM
|
|||
|
|||
|
Re: How secured is Remote Desktop?
Hi,
Techmanblues wrote: > How secured is Remote Desktop in its default settings when both > machines are XP Pro with the latest patches? Obviously the initial > handshaking when username and password are sent is encrypted, but is > subsequent data tranfer also encrypted as well? Yes. > If so how strong is the encryption? The highest available encryption level is used by default, which amounts to 128-bit RC4. There are some flaws with it -- plaintext checksums make a cryptoanalysis attack potentially easier than it should be -- however, it's still quite well encrypted and the keys are unique to each session. The single layer of authentication (username and password only) is usually a more serious problem. For high security requirements, consider wraping RDP access with a VPN and smart card or certificate authentication. For personal use, make sure your Windows user accounts have decent passwords. If you only connect from certain locations (e.g. from the office to your home computer) you can configure your firewall (or router, if there is one) to only allow RDP connections from certain IP addresses or address blocks. -- Chris Priede I
|
|
#3
01-05-2006, 07:13 AM
|
|||
|
|||
|
Re: How secured is Remote Desktop?
See this page for information concerning RDP encryption...
http://msdn.microsoft.com/library/de...p_protocol.asp Personally I run RDP through a Secure Shell (SSH) tunnel both for added security and for easy access to multiple PCs on my home LAN. In my case I use a 2048-bit RSA private/public key pair (encrypted with a strong pass phrase) versus a password (strong or otherwise) for authentication. http://theillustratednetwork.mvps.or...esktopSSH.html You could do the same thing, ie. tunnel RDP, through a IPSec/L2TP or SSL VPN if you wished. -- Al Jarvi (MS-MVP Windows Networking) Please post *ALL* questions and replies to the news group for the mutual benefit of all of us... The MS-MVP Program - http://mvp.support.microsoft.com This posting is provided "AS IS" with no warranties, and confers no rights... "Techmanblues" <Techmanblues@discussions.microsoft.com> wrote in message news:BE9910E1-D82B-43DC-9CFB-6B9CCAF5F7B3@microsoft.com... > How secured is Remote Desktop in its default settings when both machines > are > XP Pro with the latest patches? Obviously the initial handshaking when > username and password are sent is encrypted, but is subsequent data > tranfer > also encrypted as well? If so how strong is the encryption?
|
 |
| Thread Tools | Search this Thread |
| Display Modes | |
|
Similar Threads
|
||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| Setting-up Remote Desktop to XP Clients on SBS2003 Domain | Aaron19027 | Windows XP Work Remotely | 1 | 01-05-2006 07:14 AM |
| Moving Remote Desktop destroys mouse pointer scheme. | theyas@community.nospam | Windows XP Work Remotely | 1 | 01-05-2006 07:14 AM |
| Remote Desktop - suddenly can't connect! | Stroller | Windows XP Work Remotely | 18 | 01-05-2006 07:13 AM |
| Remote Desktop doesn't work properly (network issue) | christophesav | Windows XP Network Web | 0 | 01-05-2006 04:06 AM |
| Re: Using remote desktop | Brooks W. | Windows XP Help and Support | 0 | 01-05-2006 02:51 AM |
Linear Mode
